Udemy
LogRhythm Custom MPE Rules - Parsing the Custom Log Sources
Rating: 3.9 out of 5 (26 ratings)
108 students

Parse Custom Log Sources by using Regular Expressions
Created by Muhammad Adeel
Last updated 10/2022
English

What you'll learn

  • Regex Overview & Basic Regex Writing.
  • Log Types - single-line & multi-line log.
  • MPE – Policy, rule builder, Base Rule and Sub Rules.
  • LogRhythm Fields and tags.
  • Custom Log Source Creation & Integration.
  • Create Custom Parser in MPE Rule Builder.
  • MPE Performance Monitoring & Troubleshooting.

Course content

8 sections, 11 lectures, 2h 0m total length
  • Course Introduction (4:14)
  • Teaser 01 - Custom Log Source creation and integration (2:27)
  • Teaser 02 - Custom Parser creation in MPE Rule builder (2:00)
  • Teaser 03 - Checking parsed logs after creating custom parser successfully (2:22)

Requirements

  • Basic understanding of LogRhythm SIEM Administration

Description


Hello everyone, and welcome to the LogRhythm Custom MPE Rules course. In this course, we will parse custom log sources by using regular expressions.

My name is Adeel and I am a Cyber Security Engineer with more than 10 years of experience.

I will be your instructor in this course.

If you are working on LogRhythm SIEM as an administrator and you have custom log sources in your environment that you want to integrate with LogRhythm, then this is the perfect course for you.

Also, if you want to learn about custom parsing in LogRhythm and want to know how parsing works in LogRhythm, you can join this course.

By the time you are done with this course, you are going to be skilled in writing regex in LogRhythm, creating custom parsers in LogRhythm, and also integrating custom log sources with LogRhythm.

My goal in this course is to help you with creating and applying a custom parser and integrating custom log sources.

I want to take a few minutes and I want to walk through the curriculum because I need you to understand what you are going to learn before you jump into the course material.

Let’s go ahead and take a look at that right now.

This course is broken up into 7 main sections.

Number one is Regex Overview & Basic Regex Writing.

Number two is log types – single-line and multi-line logs.

Number three is the Message Processing Engine – Policy, Rule Builder, Base Rule, and Sub Rules.

Number four is LogRhythm fields and tags.

Number five is Custom Log Source Creation & Integration.

Number six is Custom Parser Creation.

Number seven is MPE Performance Monitoring.

Who this course is for:

  • LogRhythm Administrators
  • LogRhythm Analysts
  • System Engineers