# Log360 Training

![ManageEngine Certification](https://cdn.manageengine.com/sites/meweb/images/training/images/training-banner.jpg)

[Download PDF](https://www.manageengine.com/sites/meweb/images/training/log360-training-agenda.pdf)

## About Log360

Log360 is a comprehensive security information and event management (SIEM) solution that performs exhaustive log management, Active Directory auditing, and user behavior management.

## Course agenda

### Getting started and installing Log360

- System prerequisites and requirements
- Installing Log360 as an application and as a Windows service
- Starting and setting up Log360 from the web console

### Integrating the different components of Log360

- Integrating products installed in other machines in Log360
- Setting up all the components of Log360
- Synchronizing the data between the integrated components

### Setting up log collection

- Automating log collection from devices
- Setting up agent-based and agentless log collection
- Implementing log collection filters

### Searching the logs

- Types of search queries and their functions
- Building basic and advanced search queries
- Parsing logs
- Tagging search queries
- Mapping search results as incidents

### Security analytics

- Viewing reports on network activities, Active Directory, Exchange Server, and Microsoft 365 from one place
- Exporting reports in various formats
- Mapping reports as incidents

### Active Directory auditing

- Account logon auditing
- logoff auditing
- AD user object auditing
- AD computer object auditing
- AD group object auditing
- AD organizational unit auditing
- Permission change auditing
- GPO auditing
- Auditing for other AD objects, like containers, contacts, DNS, and more

### File server auditing

- Windows file servers auditing
- Windows failover server clusters auditing
- NetApp Filer auditing
- EMC storage auditing
- File integrity monitoring

### Account Lockout

- Analyzing Windows services and schedule tasks
- Network Drive Mappings/logon sessions/Process list
- Analyzing logon activity of both the domain controller and local
- Analyzing OWA and ActiveSync
- Radius server logins

### Member server auditing

- Auditing logon activity on servers
- Tracking process activity
- Auditing policy changes
- Monitoring system events
- Managing accounts on servers
- Printer auditing
- ADFS auditing
- Removable storage (USB) auditing
- AD LDS auditing

### Dashboard

- Customizing the dashboard and embedding it in external sites
- Adding new widgets to the dashboard

### Setting up security alerts

- Viewing pre-built alerts and correlation-based alert profiles
- Building custom alert profiles
- Exporting alerts

### Event correlation

- Viewing pre-built correlation rules
- Building custom correlation rules

### Response workflows

- Configuring workflows for alerts
- Creating workflow profiles

### Incident tracking

- Creating incidents for alerts, reports, and search results
- Tracking incidents

### User and entity behavior analytics (UEBA)

- Viewing, scheduling, and exporting reports
- Configuring alerts in Log360 UEBA

### Logon settings

- Configuring single sign-on, smart card, and two-factor authentication for secure login

### Centralized administration settings for Log360 and integrated components

- Setting up high availability
- Configuring automatic database backup and build update
- Configuring mail server, SMS, and proxy settings
- Applying SSL certificates and enabling HTTPS
- Setting up Log360 as a reverse proxy server for enhanced security

### General settings

- Enabling license expiration and product downtime notifications
- Migrating from the built-in database to other databases
- Personalizing language and time zone settings
- Customizing the logo, title, and more

## Support

- [certifications@manageengine.com](mailto:certifications@manageengine.com)
- US : +1 888 720 9500
- Intl : +1 925 924 9500
- Aus : +1 800 631 268
- UK : 0800 028 6590
- CN : +86 400 660 8680