ArcSight ArcSight Express Administration and Operations Course Code: ACBE ACS-EAO Days: 5 Course Description: The ArcSight Express Administration and Operations course provides you with comprehensive training for ArcSight Express. This course includes hands-on training exercises on packaged content and functionality for you to bring the ArcSight Express appliance into production environments. This course is intended for ArcSight Express with Oracle database, NOT ArcSight Express with the CORR-Engine. Course Summarize: Module 1 - Introduction to ArcSight Express ArcSight Roles ArcSight Express Components ArcSight ESM Resources SSL Communications Product Documentation Module 2 - ArcSight ESM Event Schema/Network Model Event Schema Schema Group Definitions ArcSight Network Model Asset Modeling Module 3 - Lifecycle of an Event through ArcSight ESM Data Collection and Event Processing Priority Evaluation and Network Modeling Correlation Evaluation Monitoring, Investigation and Workflow Incident Analysis and Reporting Database Partitions and Long Term Storage Module 4 - ArcSight Web Interface Overview Home Page Web Dashboards Web Reports
Web Active Channels Web Cases Notifications ArcSight Web Online Help Module 5 - Active Channels, Field Sets and Filters Active Channel Features Using Field Sets Filter Types Module 6 - Dashboards and Data Monitors Dashboard Resources About Data Monitors Dashboard Event Monitoring Module 7 - Running Reports Report Runtime Definitions Running and Archiving Reports Managing Archived Reports Focused Reports Report Scheduling Module 8 - Cases Cases Overview Using the Cases Page Module 9 - ArcSight Admin Console Installation Console Installation Requirements and Options Post-installation Modifications Module 10 - ArcSight Admin Console Overview Navigator Panel Viewer/Grid Panel Inspect/Edit Panel Message Bar General Admin Console Features Console Online Help Module 11 - Network Modeling Wizard CSV Column Headers Zones CSV File Asset CSV File Asset Range CSV File DHCP/VPN Considerations
Module 12 - Administration of Users Creating Users Features of User Groups Administration of ACL's ArcSight Password Policy Module 13 - Active Lists, Session Lists, and Rules Using Active Lists Rule Types Rule Aggregation Rule Triggers and Thresholds Actions and List Tuning Correlation Options Session Lists Module 14 - Notification Administration Notification Process and Components Notification Templates Configuring Notifications ArcSight Whine Daemon Module 15 - Report Customization and Authoring Report Definitions Running Reports Report Types Report Tools Module 16 - Logger Storage Appliance Setup Initial Storage Appliance setup tasks Storage Appliance reboot Network configuration Module 17 - Navigating the Storage Appliance Logger User Interface Information Band Logger Main Menu Tabs Module 18 - Storage Appliance Configuration Settings Global settings Platform settings Additional system settings Implementing and validating settings Module 19 - Managing Storage Appliance Users and Groups
Default User Groups User Group Privileges Managing User Groups Managing Users Module 20 - Storage Appliance Field Query Searches Logger Search Methods Using the Field Query Method Indexing Event Fields Module 21 - Storage Appliance Regular Expression Query Searches Query Criteria Regular Expressions Boolean Logic Creating and modifying a Regular Expression Search Queries Comparing Regular Expression Search Queries and Field Search Queries Module 22 - Storage Appliance Filters and Saved Searches Filters and Queries Filter Types Creating shared filters Creating search group filters Saving filters and searches Managing filters and saved searches Scheduling saved search jobs Exporting search results Module 23 - Storage Appliance Reports Logger Reporting Overview Foundation Reports (Predefined) Viewing Reports Running Reports on Demand Scheduling Reports Saving, Publishing and Distributing Report Results Report Administration and Administrative Settings Module 24 - Specifying Report Data Modifying and Creating User Reports Creating Parameters and Parameter Groups Customizing Queries for Reports Working with Report Designer Module 25 - Customizing Report Display Selecting the report template Specifying report file format
Specifying field display names Specifying field width and other field attributes Working with Report Designer to customize report appearance Module 26 - Logger Dashboards Dashboard Overview Dashboards and Report Home Pages Creating a Dashboard