In this course, you will learn how to create custom parsers to extend the integration capability of FortiSIEM to a wider range of devices and custom applications. You will learn how parsers recognize the type of device or application that sent the data, extract and save key information from the log, and map the device type and log information to an event type.

What You'll Learn

After completing this course, you will be able to do the following:

  • Examine how FortiSIEM determines which parsers to use
  • Review parser terminology and steps to create a parser
  • Identify different log types and structures
  • Review basic and advanced regex patterns
  • Use tools for regex validation and development
  • Identify appropriate uses of global and local patterns
  • Define local and global patterns
  • Identify common string patterns in event logs
  • Create event format recognizers
  • Configure parsing instructions to extract and map data
  • Build collectFieldsByRegex functions
  • Build setEventAttribute functions
  • Add comments to parser code
  • Build conditional matching logic capabilities in parsers
  • Parse and normalize date and time from logs
  • Add, categorize, and query the CMDB for new parser events
  • Create parsers for various log types
  • Manipulate extracted strings from logs
  • Perform calculations on variables or attributes
  • Calculate event severity with syslog priority values
  • Use advanced functions to parse JSON logs
  • Enable FortiSIEM support for logs in other languages

Who Should Attend

Cybersecurity professionals responsible for creating custom parsers on FortiSIEM should attend this course.

Prerequisites

You must have an understanding of the topics covered in the following courses, or have equivalent experience:

  • NSE 4 FortiGate Security
  • NSE 4 FortiGate Infrastructure
  • NSE 5 FortiSIEM

Learning Journey

Coming Soon...

  • Introduction
  • Regular Expressions
  • Event Format Recognizers
  • Parsing Instructions
  • Switch-Case Constructs
  • Custom CMDB Event Types
  • Choose-When Constructs
  • Key Value Pair Logs
  • Value List Logs
  • Advanced Features

Frequently Asked Questions (FAQs)

  • Why get Fortinet certified?

    Fortinet certifications validate your expertise in network security and your ability to implement and manage Fortinet's comprehensive Security Fabric.

    These certifications are highly valued by employers and demonstrate your commitment to staying ahead of the ever-evolving threat landscape.

    A Fortinet certification can open doors to new career opportunities, increase your earning potential, and make you a sought-after cybersecurity professional.

  • What to expect for the examination?

    Fortinet offers a variety of certification exams at different levels (NSE 1 - 8) and specializations (security, cloud, cybersecurity).

    Exams typically consist of multiple-choice and scenario-based questions that assess your knowledge and problem-solving skills in real-world security situations.

    Depending on the level and specialization, you will be required to pass the core and/or elective exam(s), while the expert tier has both a written and a practical exam.

    Note: Certification requirements and policies may be updated by Fortinet from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • How long is Fortinet certification valid for?

    As of 1 October 2023, all Fortinet certifications have an expiration date:

    NSE 1 - 4 (FCF, FCA, FCP, FCSS): Valid for two years.

    NSE 5 - 8 (FCX): Valid for three years.

    To maintain your certification, you must recertify before it expires. Recertification options include passing the same exam again or earning a higher-level certification.

    Note: Certification requirements and policies may be updated by Fortinet from time to time. We apologize for any discrepancies; do get in touch with us if you have any questions.

  • Why take this course with Trainocate?

    Here’s what sets us apart:

    - Global Reach, Localized Accessibility: Benefit from our geographically diverse training hubs in 16 countries (and counting!).

    - Top-Rated Instructors: Our team of subject matter experts (with high average CSAT and MTM scores) is passionate about helping you accelerate your digital transformation.

    - Customized Training Solutions: Choose from on-site, virtual classrooms, or self-paced learning to fit your organization and individual needs.

    - Experiential Learning: Dive into interactive training with our curated lesson plans. Participate in hands-on labs, solve real-world challenges, and take on comprehensive assessments.

    - Learn From The Best: With 30+ authorized training partnerships and countless awards from Microsoft, AWS, Google – you're guaranteed learning from the industry's elite.

    - Your Bridge To Success: We provide up-to-date course materials, helpful exam guides, and dedicated support to validate your expertise and elevate your career.
