-
4 Days
- Apr 24 - Apr 27, 2023Online
- May 22 - May 25, 2023Online
- Jun 19 - Jun 22, 2023Online
- Jul 17 - Jul 20, 2023Online
- Aug 14 - Aug 17, 2023Online
- Sep 11 - Sep 14, 2023Online
- Apr 24 - Apr 27, 2023Online
-
4 Days
- Apr 24 - Apr 27, 2023Online
- May 22 - May 25, 2023Online
- Jun 19 - Jun 22, 2023Online
- Jul 17 - Jul 20, 2023Online
- Aug 14 - Aug 17, 2023Online
- Sep 11 - Sep 14, 2023Online
- Apr 24 - Apr 27, 2023Online
-
4 Days
- Apr 24 - Apr 27, 2023Online
- May 22 - May 25, 2023Online
- Jun 19 - Jun 22, 2023Online
- Jul 17 - Jul 20, 2023Online
- Aug 14 - Aug 17, 2023Online
- Sep 11 - Sep 14, 2023Online
- Apr 24 - Apr 27, 2023Online
-
5 Days
- Apr 24 - Apr 28, 2023Online
- May 22 - May 26, 2023Online
- Jun 19 - Jun 23, 2023Online
- Jul 17 - Jul 21, 2023Online
- Aug 14 - Aug 18, 2023Online
- Sep 11 - Sep 15, 2023Online
- Apr 24 - Apr 28, 2023Online
-
2 Days
- Apr 24 - Apr 25, 2023Online
- May 22 - May 23, 2023Online
- Jun 19 - Jun 20, 2023Online
- Jul 17 - Jul 18, 2023Online
- Aug 14 - Aug 15, 2023Online
- Sep 11 - Sep 12, 2023Online
- Apr 24 - Apr 25, 2023Online
-
4 Days
- Apr 24 - Apr 27, 2023Online
- May 22 - May 25, 2023Online
- Jun 19 - Jun 22, 2023Online
- Jul 17 - Jul 20, 2023Online
- Aug 14 - Aug 17, 2023Online
- Sep 11 - Sep 14, 2023Online
- Apr 24 - Apr 27, 2023Online
-
4 Days
- Apr 24 - Apr 27, 2023Online
- May 22 - May 25, 2023Online
- Jun 19 - Jun 22, 2023Online
- Jul 17 - Jul 20, 2023Online
- Aug 14 - Aug 17, 2023Online
- Sep 11 - Sep 14, 2023Online
- Apr 24 - Apr 27, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- Jun 12 - Jun 15, 2023Online
- Aug 14 - Aug 17, 2023Online
- Oct 9 - Oct 12, 2023Online
- Nov 13 - Nov 16, 2023Online
- Dec 11 - Dec 14, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
-
4 Days
- Apr 3 - Apr 6, 2023Online
- May 1 - May 4, 2023Online
- May 29 - Jun 1, 2023Online
- Jun 26 - Jun 29, 2023Online
- Jul 24 - Jul 27, 2023Online
- Aug 21 - Aug 24, 2023Online
- Apr 3 - Apr 6, 2023Online
X
Contact Us
We would love to hear from you. Please complete this form to pre-book or request further information about our delivery options.

4 Days

(Online and onsite)

Price Upon Request
Enterprise Security Manager—the heart of our security information and event management (SIEM) solution—provides near real-time visibility into the activity on all your systems, networks, databases, and applications. This enables you to detect, correlate, and remedy threats in minutes across your entire IT infrastructure.
This course prepares Enterprise Security Manager engineers and analysts to understand, communicate, and use the features provided by Enterprise Security Manager. Through hands-on lab exercises, you will learn how to optimize the Enterprise Security Manager by using recommended best practices and methodologies.
Enterprise Security Manager Overview
Define Enterprise Security Manager and SIEM concepts, identify appliances and their features, and describe the Enterprise Security Manager solution component architecture.
Devices
Configure and customize receiver data sources and data source profiles.
Enterprise Log Manager and Enterprise Log Search
Configure Enterprise Log Manager settings and mirror Enterprise Log Manager data storage.
Enterprise Security Manager Views
Effectively navigate the Enterprise Security Manager dashboard and create custom Enterprise Security Manager data views.
Data Sources
Locate events and manage cases using a variety of data sources, assets, and enriched data
Aggregation
Customize event and flow aggregation fields on a per- signature basis, and define the advantages and nuances associated with event and flow aggregation.
Policy Editor
Create, modify, and delete Enterprise Security Manager policies within the policy editor.
Query Filters
Apply filters in views, create filter sets, use string normalization, and understand the basic syntax of regular expressions.
Correlation
Configure and deploy custom correlation rules within the correlation editor.
Watch Lists and Alarms
Create and configure watch lists and alarms.
Reports
Create and configure reports.
System Management
Perform routine maintenance on Enterprise Security Manager, including updates and clearing policy modifications and rule updates.
Troubleshooting
Perform troubleshooting steps associated with login issues, operating systems and browser-specific issues, hardware issues, and Enterprise Security Manager dashboard issues.
Use Case Design
Understand how the Enterprise Security Manager interface dashboards and views are used to identify specific events and incidents.
Day 1
- Course Introduction
- Architecture Overview
- Devices and Settings
- ESM Interface and Views
Day 2
- Data Sources
- Working with the ELM and ELS
- Event Analysis
- Aggregation
Day 3
- Watchlists and Policy Editor
- Query Filters
- Rule Correlation
- Alarms
Day 4
- Workflow and Analysis
- Reports
- System Maintenance and Troubleshooting
- Intro to Use Case Design
This course is aimed at Enterprise Security Manager users, responsible for monitoring activity on systems, networks, databases, applications, and for configuration and management of the Enterprise Security Manager solution. Attendees should have a working knowledge of networking and system administration concepts, a good understanding of computer security concepts, and a general understanding of networking and application software.
It is recommended that students have a working knowledge of networking and system administration concepts.
Enterprise Security Manager—the heart of our security information and event management (SIEM) solution—provides near real-time visibility into the activity on all your systems, networks, databases, and applications. This enables you to detect, correlate, and remedy threats in minutes across your entire IT infrastructure.
This course prepares Enterprise Security Manager engineers and analysts to understand, communicate, and use the features provided by Enterprise Security Manager. Through hands-on lab exercises, you will learn how to optimize the Enterprise Security Manager by using recommended best practices and methodologies.
Enterprise Security Manager Overview
Define Enterprise Security Manager and SIEM concepts, identify appliances and their features, and describe the Enterprise Security Manager solution component architecture.
Devices
Configure and customize receiver data sources and data source profiles.
Enterprise Log Manager and Enterprise Log Search
Configure Enterprise Log Manager settings and mirror Enterprise Log Manager data storage.
Enterprise Security Manager Views
Effectively navigate the Enterprise Security Manager dashboard and create custom Enterprise Security Manager data views.
Data Sources
Locate events and manage cases using a variety of data sources, assets, and enriched data
Aggregation
Customize event and flow aggregation fields on a per- signature basis, and define the advantages and nuances associated with event and flow aggregation.
Policy Editor
Create, modify, and delete Enterprise Security Manager policies within the policy editor.
Query Filters
Apply filters in views, create filter sets, use string normalization, and understand the basic syntax of regular expressions.
Correlation
Configure and deploy custom correlation rules within the correlation editor.
Watch Lists and Alarms
Create and configure watch lists and alarms.
Reports
Create and configure reports.
System Management
Perform routine maintenance on Enterprise Security Manager, including updates and clearing policy modifications and rule updates.
Troubleshooting
Perform troubleshooting steps associated with login issues, operating systems and browser-specific issues, hardware issues, and Enterprise Security Manager dashboard issues.
Use Case Design
Understand how the Enterprise Security Manager interface dashboards and views are used to identify specific events and incidents.
Day 1
- Course Introduction
- Architecture Overview
- Devices and Settings
- ESM Interface and Views
Day 2
- Data Sources
- Working with the ELM and ELS
- Event Analysis
- Aggregation
Day 3
- Watchlists and Policy Editor
- Query Filters
- Rule Correlation
- Alarms
Day 4
- Workflow and Analysis
- Reports
- System Maintenance and Troubleshooting
- Intro to Use Case Design
This course is aimed at Enterprise Security Manager users, responsible for monitoring activity on systems, networks, databases, applications, and for configuration and management of the Enterprise Security Manager solution. Attendees should have a working knowledge of networking and system administration concepts, a good understanding of computer security concepts, and a general understanding of networking and application software.
It is recommended that students have a working knowledge of networking and system administration concepts.