SIEM 200: Administering and Optimizing Next-Gen SIEM is a one-day course designed for system administrators, SIEM administrators, and security tool administrators who need to effectively manage and optimize CrowdStrike Falcon® Next-Gen SIEM. Through instructor-led sessions with hands-on exercises and practical walkthroughs, participants will master essential administrative skills including role-based access control, data ingestion configuration, and system optimization. The course emphasizes real-world application of administrative best practices, fleet management, and troubleshooting techniques to ensure secure and efficient SIEM operations across enterprise environments.
Course Highlights:
- Administrative interface navigation and role-based access control implementation for secure system management
- Data collection and fleet management strategies including log collector deployment and connector configuration
- Event tagging, data segmentation, and repository management for organized data flow architecture
- CrowdStrike Parsing Standard (CPS) application and parser management for effective data processing
- System health monitoring, performance optimization, and troubleshooting methodologies for operational excellence
