CrowdStrike University’s SIEM 210 course trains administrators, security engineers, and data managers to onboard third-party data and manage Falcon Next-Gen SIEM. This one-day, instructor-led program provides hands-on experience with core SIEM functions, initial setup, and configuration. Learners practice integrating custom, local, and third-party data sources using Falcon Data Connectors and the CrowdStrike Parsing Standard, while monitoring ingestion volumes and connector health to ensure efficiency. Topics include log management, compliance, connector auditing, parser tuning, and alert management. Prerequisites include basic SIEM knowledge, regex skills, and familiarity with Windows/Linux logs.

Join for free to read