Data Ingestion at Scale is a course showing how to handle large volumes of data at scale. The course covers everything from parsing with regex or modern auto-parsing logic such as key-value extraction, CEF, LEEF, and JSON to advanced enrichment techniques that will significantly upgrade log context. In addition, the course includes a compilation of tips and tricks learned from years of experience with various SIEM products. If you want to learn how to handle large volumes of data, apply filters, and make sense of the data, this class is for you.
The course is a Logstash-based course. It includes instructional videos and many follow-along labs.
Founder & CEO, Justin is a passionate security researcher with over a decade of experience in consulting. He is a SANS instructor and has had multiple opportunities to work on government contracts specializing in network monitoring systems and incident analysis. He also has had extensive experience in the healthcare industry. Justin is the 13th GSE to become both a red and blue SANS Cyber and holds over 60 industry certifications. Justin is also a SANS instructor and course author of SEC555: SIEM with Tactical Analytics, SEC455: SIEM Design and Implementation, and SEC530: Defensible Security Architecture and Engineering.