From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep
Join today to access over 25,600 courses taught by industry experts.
Normalizing and Analyzing Logs - Amazon Web Services (AWS) Tutorial
From the course: AWS Certified Security - Specialty (SCS-C03) Cert Prep
Normalizing and Analyzing Logs
In this lesson, I'm going to cover normalizing and analyzing logs. So what does this mean? Normalizing logs means turning different log formats into a consistent structure so they're easier then to search and compare data. Passing logs helps you pull out key details, maybe IP addresses or error codes or user actions instead of actually reading the raw text. Correlating logs lets you connect events across systems so you can see the full story behind an issue or security event. And these steps essentially make it easier to find problems, spot patterns, and understand what's happening across your environment. Now one service we can use is Amazon OpenSearch service. So OpenSearch can connect to many different sources. So essentially it can take the data from these different sources. It helps you to store and index large volumes of logs so you can then search them quickly using filters, fields, and queries. And it parses fields from logs automatically or with custom pipelines, turning your…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Section 3 - Introduction1m 5s
-
(Locked)
AWS Identity and Access Management (IAM)7m 50s
-
(Locked)
IAM Roles and Policies4m 4s
-
(Locked)
[HOL] Create an IAM User and Group4m 36s
-
(Locked)
IAM Authentication and MFA3m 31s
-
(Locked)
[HOL] Enable Multi-Factor Authentication (MFA)3m 5s
-
(Locked)
AWS Security Token Service (STS)5m 48s
-
(Locked)
-
-
(Locked)
Section 4 - Introduction1m 11s
-
(Locked)
Identity-Based Policies and Resource-Based Policies8m 58s
-
(Locked)
IAM Policy Evaluation6m 58s
-
(Locked)
IAM Policy Structure4m 41s
-
(Locked)
[HOL] Using Role-Based Access Control (RBAC)3m 29s
-
(Locked)
[HOL] Using Attribute-Based Access Control (ABAC)7m 55s
-
(Locked)
[HOL] Apply Permissions Boundary9m 15s
-
(Locked)
[HOL] AWS Policy Generator6m 23s
-
(Locked)
[HOL] IAM Policy Simulator4m 31s
-
(Locked)
IAM Best Practices5m 18s
-
(Locked)
AWS IAM Exam Cram3m 15s
-
(Locked)
-
-
(Locked)
Section 5 - Introduction58s
-
(Locked)
Centralized Governance with AWS Organizations4m 3s
-
(Locked)
[HOL] Create Organization and Add Account6m 21s
-
(Locked)
Authorization Policies (SCP/RCP)9m 17s
-
(Locked)
Management Policies6m 41s
-
(Locked)
SCP Strategies and Inheritance3m 33s
-
(Locked)
[HOL] Create Service Control Policy (SCP)5m 34s
-
(Locked)
Use Cases for IAM Roles6m 19s
-
(Locked)
[HOL] Cross-Account Access to S313m 38s
-
(Locked)
AWS Control Tower7m 3s
-
(Locked)
AWS Organizations and Control Tower Exam Cram2m 42s
-
(Locked)
-
-
(Locked)
Section 6 - Introduction34s
-
(Locked)
Secure VPC Design10m 14s
-
(Locked)
[HOL] Create a Custom VPC13m 24s
-
(Locked)
Stateful and Stateless Firewalls5m 48s
-
(Locked)
Security Groups and Network ACLs4m 47s
-
(Locked)
[HOL] Using Security Groups and NACLs10m 28s
-
(Locked)
VPC Peering7m 33s
-
(Locked)
[HOL] Configure VPC Peering9m 57s
-
(Locked)
VPC Endpoints4m 9s
-
(Locked)
[HOL] Create VPC Endpoint9m 27s
-
(Locked)
AWS Site-to-Site VPN4m 36s
-
(Locked)
Securing AWS Direct Connect5m 46s
-
(Locked)
[HOL] VPC Flow Logs6m 3s
-
(Locked)
Accessing Services – Access Keys and IAM Roles5m 35s
-
(Locked)
[HOL] Access Keys and IAM Roles13m 44s
-
(Locked)
Managing Amazon EC2 Security4m 30s
-
(Locked)
[HOL] Connect to EC2 with Instance Connect4m 47s
-
(Locked)
[HOL] Connect to EC2 with Session Manager6m 11s
-
(Locked)
AWS Services in Amazon VPC5m 18s
-
(Locked)
Automating Infrastructure as Code3m 22s
-
(Locked)
[HOL] Create Amazon VPC with CloudFormation11m 26s
-
(Locked)
Compliance with AWS Config3m 48s
-
(Locked)
[HOL] SSM Automation and Config Rules6m 29s
-
(Locked)
AWS Transit Gateway10m 16s
-
(Locked)
VPC Sharing2m 20s
-
(Locked)
AWS Service Catalog4m 10s
-
(Locked)
Network Reachability and Security Tools12m 36s
-
(Locked)
Network Access Analyzer5m 27s
-
(Locked)
[HOL] Reviewing Findings with Network Access Analyzer11m 17s
-
(Locked)
Automating Security in CI/CD4m 19s
-
(Locked)
AWS Systems Manager7m 5s
-
(Locked)
Systems Manager Parameter Store2m 55s
-
(Locked)
Infrastructure Security Exam Cram7m 50s
-
(Locked)
-
-
(Locked)
Section 7 - Introduction1m
-
(Locked)
DNS Name Resolution and Routing6m 5s
-
(Locked)
CloudFront Signed URLs and OAI/OAC3m 53s
-
(Locked)
[HOL] Configure CloudFront Distribution Settings7m 18s
-
(Locked)
CloudFront SSL/TLS and SNI3m 41s
-
(Locked)
Lambda@Edge1m 40s
-
(Locked)
AWS Web Application Firewall (WAF)4m 3s
-
(Locked)
AWS Shield4m 14s
-
(Locked)
Network Firewall and DNS Firewall3m 20s
-
(Locked)
[HOL] AWS Firewall Manager6m 33s
-
(Locked)
Edge Security Exam Cram3m 8s
-
(Locked)
-
-
(Locked)
Section 8 - Introduction1m
-
(Locked)
Encryption at Rest and in-Transit3m 45s
-
(Locked)
AWS Certificate Manager (ACM)3m 57s
-
(Locked)
[HOL] SSL/TLS Certificate in ACM7m 10s
-
(Locked)
AWS Key Management Service (KMS)10m 38s
-
(Locked)
[HOL] Create Custom KMS Keys6m 21s
-
(Locked)
AWS CloudHSM3m 37s
-
(Locked)
Protecting Data on S3, EBS, and EFS8m 42s
-
(Locked)
[HOL] Enforce KMS Encryption for S3 Bucket4m 15s
-
(Locked)
[HOL] Copy Encrypted Snapshot Across Accounts8m 42s
-
(Locked)
Database Protection - DynamoDB and RDS5m 32s
-
(Locked)
[HOL] Encryption Options for AWS Databases7m 55s
-
(Locked)
[HOL] Schedule Key Deletion2m 23s
-
(Locked)
Storing Secrets4m 12s
-
(Locked)
Security for Lambda Functions2m 27s
-
(Locked)
AWS Step Functions2m 33s
-
(Locked)
AWS Data Lifecycle Management Features6m 42s
-
(Locked)
AWS Data Integrity Features7m 21s
-
(Locked)
[HOL] Amazon Verified Permissions4m 34s
-
(Locked)
Data and Application Protection Exam Cram7m 48s
-
(Locked)
-
-
(Locked)
Section 9 - Introduction1m
-
(Locked)
Amazon CloudWatch & EventBridge6m 25s
-
(Locked)
[HOL] Create a Custom Metric10m 9s
-
(Locked)
Logging for Other AWS Services3m 5s
-
(Locked)
AWS CloudTrail Deep Dive11m 6s
-
(Locked)
[HOL] Create EventBridge rule for API calls4m 7s
-
(Locked)
Normalizing and Analyzing Logs2m 33s
-
(Locked)
Logging, Monitoring, and Auditing Exam Cram2m 56s
-
(Locked)
-
-
(Locked)
Section 11 - Introduction36s
-
(Locked)
AWS Incident Response Overview8m 40s
-
(Locked)
Root Cause and Threat Detection7m 35s
-
(Locked)
Automated Incident Remediation in AWS5m 24s
-
(Locked)
Security Management and Support1m 36s
-
(Locked)
Penetration Testing2m 30s
-
(Locked)
Compliance Services1m 47s
-
(Locked)
Incident Response Plans2m 43s
-
(Locked)
Detect and Respond2m 53s
-
(Locked)
Amazon Athena and AWS Glue3m 45s
-
(Locked)
Automating Security Runbooks with Amazon SageMaker AI5m 41s
-
(Locked)
Data Analysis and Incident Response Exam Cram2m 7s
-
(Locked)