OverviewHow To'sAdvanced TopicsAudit Policies Enterprise Activity Dashboard This training illustrates how to use the Enterprise Activity Dashboard to detect security incidents through behavior correlation. The Dashboard monitors and displays the “normal” and “acceptable” behavior and identifies any “new” and “out of ordinary” behavior. A step beyond rule-based correlation where you need to know the condition to write the detection rule, the Enterprise Activity Dashboard provides an easy way to detect the trends and activities that indicate an attack. Agent Direct Log Archiver This training session will give you an overview of Agent Direct Log Archive feature and its usage. This session will also show how to configure this feature on agents to increase the performance while reducing bandwidth usage for real time log collection. Configuration Assessment This training video will give you an overview of Configuration Assessment feature in EventTracker. This session will also show you how to schedule or run on demand configuration assessment on systems using the FDCC and other built-in benchmarks. Behavior Analysis This training video will give you an overview of Behavior Analysis feature in EventTracker. This session will also show you how to configure and tune Behavior analysis dashboard and setup alerts on out of ordinary/new enterprise level activities. EventTracker Reporting Training#1 Overview of the Reporting Engine This training session will introduce how to generate reports with EventTracker. You will get acquainted with the EventTracker reporting interface and feature set associated with reports. We recommend this training for all the people who need to generate reports. EventTracker Reporting Training#2 Analyze and Search Event Log Data In this training session, you will learn how to analyze and search events for specific conditions and learn how to drill down to a specific problem area using EventTracker’s powerful analytic and reporting capability. EventTracker Reporting Training#3 How to Generate Custom Reports This is an advanced training for security officers and IT Admins on how to create a new custom report template for decision support. How to Monitor UNIX Systems This session is an overview on how to monitor your UNIX/Linux syslog messages with EventTracker. Installation and Configuration of the EventTracker Windows Agent The purpose of this training session is to show how to manage, configure and deploy the EventTracker Windows Agent from the central console. Monitoring Host Based Intrusion This is an advanced level security training for security officers who may want to learn best practices to host-based intrusion detection. This training session will teach how to monitor the 20 most critical intrusions. Overview of EventVault This training session will show you how to manage Eventvault, EventTracker’s optimized and high performance event warehouse. This session will also introduce the reasons for why a purpose-built event archive is a far better choice for log retention than a traditional relational database system. Recommended Policy Reports This session will discuss which reports you should run on a daily and weekly basis. Using EventTracker as a Host Based Intrusion Detection System Intrusion Detection Systems (IDS) are a valuable tool to increase overall enterprise security. A host-based IDS analyzes the network, system and application security logs within the systems. Attend this webinar to learn how you can use EventTracker as your own host-based IDS. Integrating Vulnerability Scanner Data with Eventtracker The video session will show you how to integrate data from Vulnerability scanners such as Qualys, Nessus, Nexpose etc., into EventTracker and make the Vulnerability score available for risk calculations within EventTracker. Determine and Control Log Flow With this session you will learn how to determine how many event logs your systems are generating per day. This will allow you to set your filters so that you are getting only the necessary events in your archives. How to Create Categories This training session will instruct you how to create your own policy for monitoring. It will teach you how to create categories by selecting certain events based on predefined rules. EventTracker supplies hundreds of predefined categories but it also gives you the flexibility to create your own knowledge packs and reporting building blocks by creating custom categories. How to Generate Reports with EventTracker In this session you will get an overview of how to run on demand and how to schedule reports. You will see how to use custom categories as report templates. How to Manage Groups This short training session will teach you how to create and manage groups within EventTracker How to Monitor CISCO Devices with EventTracker This session will show how CISCO devices log information. It will also teach how to setup alerts and run reports against your CISCO devices. How to Remove Systems from EventTracker This short training session describes how to uninstall the EventTracker Agent and how to remove monitored systems from the System Manager. How to Setup Alerts This training session will show how to set up alerts in EventTracker. Alerting is critical to support monitoring conditions in real time. This short training session will help you with the rule builder, alerting strategies and notification. How to Setup Filters This session will introduce different filtering strategies to remove unnecessary events. It will show you various levels of filtering to optimize your event collection and long term storage. How to Monitor File Access Activity Learn how to track down who has been accessing files on your systems. Determine what was done to those files and track it back to the user logon. How to Monitor Admin Activities This session will show how to track the activities of your Administrators and how to track when the Administrator account is used by anyone on your network, including domain and local admin accounts. How to Monitor Logon/logoffs This training session will show how to monitor the logon/logoff activities for all your users. It will also show how to determine when your users are failing to log in. How to Monitor UNIX and Linux Systems with EventTracker In this session you will learn how to monitor and alert on syslog data coming from UNIX and Linux systems. The session will also teach how to configure the syslog.conf file on the monitored system to get the needed information. How to Automate Remedial Actions In this session we will look at how to detect the various events in your network and learn how to setup alerts with custom actions. How to Monitor Microsoft Exchange This session will show how to monitor Microsoft Exchange, and what audit levels will help you get the needed information for reports and alerts. Log File Monitoring with EventTracker The training session will show how to set up monitoring of a log file with EventTracker. How to Use Regular Expressions with EventTracker In this webinar learn how to use PCRE Regular Expressions to get more from your alerts and reports in EventTracker. Recommended Audit Settings What are the recommended audit policy settings? In this session we will show you which audit policy settings will generate which different events ids. Directory Service and Object Access Audit Policy In this session we will look closer at the audit policy settings for Directory Service and Object Access. You will learn how to better control what information you are collecting and storing. Tracking Group Policy Changes This session will show how to track changes to group policy settings. Determine who made the change and when the change was made. Track when the changes are replicated to your systems.