---
SPDX-FileCopyrightText: © 2023 Menacit AB <[email protected]>
SPDX-License-Identifier: CC-BY-SA-4.0
title: "Logging course: What's next?"
author: "Joel Rangsmo <[email protected]>"
footer: "© Course authors (CC BY-SA 4.0)"
description: "Guidance for future deep-dives into logging"
keywords:
color: "#ffffff"
class:
style: |
  section.center {
    text-align: center;
  }
  table strong {
    color: #d63030;
  }
  table em {
    color: #2ce172;
  }
---
System auditing and log analysis are useful (but complex) areas of expertise.
Let's look at possible future steps to serve as guidance on your journey.
OpenSearch is free as in speech and free as in beer.
Grab the Docker Compose file and keep going where you left off!
As previously mentioned, lots of the documentation/guides designed for the Elastic/ELK stack also apply to OpenSearch (pre 7.11 release).
Check out the "Elastic Training Portal", George Bridgeman's Elastic/OpenSearch tutorials and courses on sites like Udemy.
Dataset provided by Splunk containing security-related logs for practicing detection/analysis.
Version 1 to 3 are freely available!
Ported to work with Elastic/OpenSearch by the "BOTES project".
Splunk provides free trials.
5.0GB per day for 14 days on Splunk Cloud. 0.5GB per day for 60 days for self-hosting.
Loki is available as FOSS and Grafana Cloud is free up to 50GB storage.