中In this course, you will be provided with a conceptual overview of logs and their role in Intrusion Detection Systems (IDSs) and Security Information and Event Management tools (SIEMs). The course will discuss the general concept of an IDS and how it works to detect attacks before highlighting specific IDS and SIEM products, such as Suricata, Splunk and Google SecOps (Chronicle), respectively. You will then develop an understanding of how to access and navigate within Suricata and how basic rules are set up to provide alerts, events, and logs for malicious network traffic. This course will conclude with an introduction to Splunk and Google SecOps (Chronicle) and will showcase some of their features, including common commands.
Network Traffic and Logs Using IDS and SIEM Tools
您将学到什么
Understand basic syntax, components of signatures and logs in Intrusion Detection Systems (IDS) and Network Intrusion Detection Systems (NIDS) tools
Perform queries in Security Information and Event Management (SIEM) tools to investigate an event
Determine how to read and analyze logs during incident investigation
Describe how common intrusion detection system (IDS) tools provide security value
要了解的详细信息
可分享的证书
添加到您的领英档案
最近已更新!
September 2025
作业
5 项作业
授课语言:英语(English)
了解顶级公司的员工如何掌握热门技能
积累特定领域的专业知识
本课程是 Google Network Security 专项课程 专项课程的一部分
在注册此课程时,您还会同时注册此专项课程。
- 向行业专家学习新概念
- 获得对主题或工具的基础理解
- 通过实践项目培养工作相关技能
- 获得可共享的职业证书
该课程共有4个模块
In this module, you will be provided with a conceptual overview of logs and their role in Intrusion Detection Systems (IDSs) and Security Information and Event Management tools (SIEMs). The module will highlight the importance of logs, best practices for log collection and management, the variations of logs, and provide an overview of log file formats.
涵盖的内容
3个视频2篇阅读材料2个作业1个插件
This module will discuss the general concept of an IDS and how it works to detect attacks before highlighting specific IDS and SIEM products, such as Suricata, Splunk and Google SecOps (Chronicle), respectively. Learners will then develop an understanding of how to access and navigate within Suricata and how basic rules are set up to provide alerts, events, and logs for malicious network traffic.
涵盖的内容
4个视频5篇阅读材料1个作业2个应用程序项目
In this module, you will get an introduction to Splunk and Google SecOps (Chronicle). The module will describe log sources and log ingestion and provide information on search methods with SIEM tools.
涵盖的内容
3个视频2篇阅读材料1个作业
Review everything you’ve learned and take the final assessment.
涵盖的内容
1篇阅读材料1个作业
获得职业证书
将此证书添加到您的 LinkedIn 个人资料、简历或履历中。在社交媒体和绩效考核中分享。
位教师
提供方
从 Computer Security and Networks 浏览更多内容
状态:免费试用
状态:免费试用
状态:免费Coursera Project Network
状态:免费试用
人们为什么选择 Coursera 来帮助自己实现职业发展
Felipe M.
自 2018开始学习的学生
''能够按照自己的速度和节奏学习课程是一次很棒的经历。只要符合自己的时间表和心情,我就可以学习。'
Jennifer J.
自 2020开始学习的学生
''我直接将从课程中学到的概念和技能应用到一个令人兴奋的新工作项目中。'
Larry W.
自 2021开始学习的学生
''如果我的大学不提供我需要的主题课程,Coursera 便是最好的去处之一。'
Chaitanya A.
''学习不仅仅是在工作中做的更好:它远不止于此。Coursera 让我无限制地学习。'
常见问题
To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.
Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.
更多问题
提供助学金,