Network Monitoring and Analysis with Bash

Network traffic and local logs can be a valuable source of information during an incident investigation. This course will teach you how to analyze network traffic with Bash.

During an incident investigation, the two most reliable sources of data are network traffic and local logs. They help us to understand the actions performed by the attacker as well as helping us to guide our investigation. In this course, Network Monitoring and Analysis with Bash, you’ll learn how to analyze network traffic and local logs using Bash. First, you’ll explore how to analyze local logs for suspicious behavior. Next, you’ll discover how to investigate network connections on a Linux server. Finally, you’ll learn how to collect logs from remote machines as well as collecting traffic from the network. When you’re finished with this course, you’ll have the skills and knowledge of network analysis with Bash needed to investigate an incident.

• Course Overview 1min
• Analyzing Local Logs for Suspicious Behavior 22mins
• Finding Network IoCs 14mins
• Collecting Logs from Remote Machines 12mins
• Capturing and Analyzing Network Traffic 21mins