Extensions, Frameworks, & Integrations Used with Zeek

سرفصل های دوره

Zeek is a customizable, open-source tool that allows you to monitor the network and analyze events within it. This course will teach how to integrate it with other tools such as Security Onion, Elasticsearch, and Arkime.

1 - Course Overview

1. Course Overview

2 - Identifying Zeek Integrations

1. Introducing Zeek Integrations

2. Customizing Zeek Using Integrations

3. Adding Zeek Packages

4. Installing Zeek Packages

5. Validating Zeek Packages

6. Additional Zeek Projects

7. Validating Spicy's Analyzers

3 - Deploying Zeek with Security Onion

1. Introducing Zeek with Security Onion

2. Zeek's Security Onion Configuration

3. Using Zeek with Security Onion and Hunt

4. Validating Zeek Data Ingestion Using Hunt

5. Additional Security Onion Information

4 - Ingesting and Enriching Zeek Logs

1. Introducing the ELK Stack

2. Ingesting Zeek Logs with ELK

3. Stashing and Parsing Logs with Logstash

4. Integrating Zeek Log Data with Arkime

5. Mapping and Enriching Zeek Data for Arkime

6. Validating Our Integrated Deployment

5 - Integrating Zeek with RockNSM

1. Learning About RockNSM

2. Using Zeek within RockNSM

3. Validating RockNSM Configurations

4. File Carving with Zeek

5. Using Zeek Scripts to Carve PCAP and Stream Files

6. Summarizing RockNSM and File Carving

6 - Using Intelligence in Zeek

1. Using the Zeek Intelligence Framework

2. Adding Intelligence Files to Zeek

3. What Is JA3 and How Can We Use It

4. Additional Zeek Integration Information

Exercise Files

extensions-frameworks-integrations-used-zeek.zip

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight