SIEM 210: Onboarding Third-Party Data and Managing Falcon Next-Gen SIEM
SIEM 210: Onboarding Third-Party Data and Managing Falcon Next-Gen SIEM for Falcon Platform Administrators is a focused one-day course designed for security professionals managing CrowdStrike Falcon® Next-Gen SIEM. Through hands-on exercises, participants will learn to configure role-based permissions, integrate third-party data sources, and manage data connectors within the CrowdStrike Falcon® platform. The course emphasizes practical administration skills — including log management strategies, data source integration, and compliance considerations — and ensuring optimal security information and event management (SIEM) operations.
Course Highlights:
- Implementation of log management strategies with compliance considerations
- Configuration of Falcon Data Connectors and HEC/HTTP Event Connector integration
- Data verification through querying and parser fine-tuning
- Monitoring of connector health metrics and performance
- Management of connector and log source alert settings
