Beginner Free

Hands-on with SIEM

Learn how SIEM platforms work in real SOC environments by understanding log ingestion, normalization, searching, correlation, and alerting—followed by hands-on walkthroughs of Splunk, Wazuh SIEM, and ELK Stack.

Self-Paced by Rajneesh Gupta

Overview

SIEM platforms form the central nervous system of a SOC. They collect logs from across the organization, correlate activity, generate alerts, and provide investigators with the data needed to detect and respond to threats.

In this project, you will:

  • Understand what SIEM is and why SOCs rely on it
  • Learn how logs are ingested, parsed, and normalized
  • Explore how analysts search logs and investigate incidents
  • Walk through three major SIEM platforms:
    • Splunk
    • Wazuh SIEM
    • ELK (Elastic Stack)
  • Understand how SIEM integrates with EDR, SOAR, and SOC workflows

This project focuses on hands-on understanding and analyst thinking, not just UI clicks.

What You'll Learn

  • Introduction to SIEM

    Understand what SIEM is, why it is critical for modern SOC operations, and how organizations use it for centralized security monitoring.

  • Log Ingestion & Normalization in SIEM

    Learn how logs from endpoints, servers, network devices, and cloud platforms are collected, parsed, and normalized inside a SIEM.

  • Correlation & Alerting in SIEM Platforms

    Learn how SIEM correlates multiple events to detect threats and generate meaningful security alerts.

  • Hands-on with Splunk SIEM

    Understand how Splunk is used in enterprise SOCs for log indexing, searching, dashboards, and alerting.

  • Hands-on with Wazuh SIEM

    Learn how Wazuh functions as an open-source SIEM for log collection, host-based detection, and security monitoring.

  • Hands-on with ELK SIEM

    Understand how Elasticsearch, Logstash/Beats, and Kibana work together to build a flexible SIEM solution.

About Trainer

Rajneesh Gupta

Rajneesh Gupta is a seasoned cybersecurity professional with over 11 years of industry experience. With a remarkable career focused on incident response, penetration testing, security compliance, and risk management, Rajneesh has established himself as a leading expert in the field. He is also an accomplished author, having penned the book "Hands-on with Blockchain and Cybersecurity". As a dedicated educator, Rajneesh has made a significant impact on the cybersecurity community by training over 60,000 students globally.

Related Projects

Apache Server Log Analysis using Splunk
Pro Intermediate

Detecting Brute Force, SQL Injection, XSS, and Suspicious Web Activity from Apache Access Logs with Splunk SIEM

Hands-on with SOAR
Free Beginner

Learn how SOAR platforms automate SOC operations by orchestrating tools, enriching alerts, and executing response actions—through hands-on walkthroughs of n8n, Shuffle, and Tines.

Wazuh + n8n + Anyrun: Automated Malware Analysis
Pro Intermediate

Automate malware analysis by sending Wazuh-detected suspicious files into ANY.RUN, retrieving detailed reports and IOCs, and integrating results back into your SOC workflow.