InsightIDR - Understanding Collectors and Event Sources

Learn how to detect key indicators of compromise

About this course

Ensure detection of key indicators of compromise by learning:

  • What collectors do and how they work
    • This is the first component to install and the most critical
  • Which Event Sources to prioritize
    • LDAP, AD, and DHCP (the "foundational" event sources) must be configured first
    • Without these sources, user attribution will suffer
  • How to configure Event Sources - Data Collection Methods
    • Listen on network port
    • Log Aggregator
    • SQS
    • WMI
    • Watch Directory
    • Tail File
    • AWS S3
  • The importance of the Insight Agent for IOC detection

Desired Outcome:

Optimize your implementation for detection of key indicators of compromise

Curriculum: ~45 minutes

  • Click here to register for a live workshop
  • Click here to watch a recording of this workshop
