Course Objectives
* Define ESM concepts, identify appliances, and describe the ESM solution component architecture
* Navigate and configure the new features provided in this release
* Add, import, and configure data sources
* Navigate Enterprise Log Manager (ELM) and configure settings and data storage
* Navigate Enterprise Log Search (ELS) and configure settings and searches
* Navigate the ESM dashboard and create custom ESM data views
* Locate events, filter data, and manage cases
* Modify default aggregation of events and flows to meet company requirements
* Navigate and configure the Policy Editor to closely reflect your actual environment
* Use correlation to identify events of interest, isolate correlated events, then modify the rule to suit requirements
* Create and configure watchlists and alarms
* Create and configure reports
* Perform routine maintenance on ESM, including updates and clearing policy modifications and rule updates
* Perform basic troubleshooting steps
* Describe High Availability and Disaster Recovery configuration techniques and design
* Practice using the ESM dashboards and views using real world examples