Parsing and Correlating Logs with syslog-ng

syslog-ng gives you a great open source tool for centralized log collection, parsing, and correlation. This course will teach you about this tool and how to configure and use it within your network to suit your needs.

syslog-ng is a log collection tool that can ship, parse, correlate, and rewrite the logs it receives, enabling organizations to offload the SIEM resources that are dedicated to these activities, which can help normalize traffic. Learning how to configure, use, and customize this tool will help you manage your logging infrastructure effectively. In this course, Parsing and Correlating Logs with syslog-ng, you will learn all about this tool and how it functions, as well as how to use it. First, you will explore the tool, its purpose, and syslog as a protocol. Next, you will see how to configure it in your environment, and dive deep into parsing with syslog-ng. Finally, you will discover how to correlate with it. When you are finished with this course, you will have a full understanding of syslog-ng and be able to establish and maintain a strong logging infrastructure.

• Course Overview 1min
• Learning About syslog-ng 21mins
• Configuring syslog-ng 26mins
• Parsing Logs with syslog-ng 27mins
• Correlating Logs with syslog-ng 21mins