Course Description

This course teaches you the essentials of the ArcSight Logger solution – both hardware and software – as well as giving you information on how to design a complete solution. This instructor-led training course will cover the core features of the ArcSight Logger solution as well as advanced features.

This course also prepares you for the Logger certification exam. The exam is administered on the last day of the class and is a hands-on, performance-based exam.

Audience/Job Roles

This course is intended for any system administrator or operator that will be working with Logger software or Logger Appliance.

Course Objectives

Upon successful completion of this course, you should be able to:

 Describe, access, and use the basic features and functions of ArcSight Logger

 Install and update Logger

 Configure Logger storage and retention policy settings

 Navigate to specific functions, facilities and configuration settings within the Logger browser UI

 Describe and configure devices, device groups, Receivers, and Forwarders

 Locate and configure Network settings, error logs, remote support access and security certificate trust stores

 Access and manage Logger user/groups

 Explain and implement event indexing and use the Logger search builder to access field-based, full-text and pipeline operator event search facilities

 Create Logger Dashboards and describe the built-in Logger Dashboards and Dashboard panels

 Run reports ad hoc, or as scheduled jobs and publish and archive results according to given distribution and retention criteria

 Search, view, create, edit, enable and disable real-time and scheduled alerts; configure notifications; export alerts for further analysis

 Backup and restore Logger configuration or reports and report definitions; export and import Logger Alerts and Filters; retrieve error and audit logs

Prerequisites/Recommended Skills

To be successful in this course, you should have the following prerequisites or knowledge:

 Common network device functions such as routers, switches, and hubs.

 TCP/IP functions such as CIDR blocks, subnets, addressing, and communications

 Windows operating systems tasks such as installations, services, sharing, and navigation

 Linux or Cent OS experience with shell command lines

Recommended:

 Successful completion of Use Case Foundations course or equivalent experience

 Successful completion of Building Advanced Content course or equivalent experience

 Successful completion of Flex Connector Configuration course or equivalent experience