Google

Introduction to Google Security Operations (SIEM)

Google via Google Skills

Overview

This course provides a comprehensive, end-to-end exploration of Google SecOps SIEM, guiding learners from foundational concepts to advanced investigation and detection engineering. Participants will gain hands-on experience with data ingestion, normalization, RBAC configuration, searching, and dashboarding using both legacy and native capabilities. Through structured modules, demos, and curated examples, the course emphasizes real-world investigation workflows, UDM-based analytics, and YARA-L rule development. By the end of the course, learners will be equipped to operationalize SIEM effectively within their environment and build scalable processes for detection, investigation, and reporting.

Syllabus

  • Intro to SIEM
    • Intro to SIEM: SIEM Overview
    • Intro to SIEM: SIEM Supported Data Ingestion Methods (Overview)
    • Intro to SIEM: Configuring RBAC (SIEM) - RBAC Overview
    • Intro to SIEM: UDM Overview
    • Intro to SIEM: Pipeline & Normalization
    • Intro to SIEM: Methods of Searching (SIEM) Overview
    • Intro to SIEM: Visualizations Overview
    • Intro to SIEM: Detection Engine Overview
    • Intro to SIEM: Knowledge Check
  • SIEM Setup
    • SIEM Setup: SIEM Data Ingestion - Data Collection using Direct Ingestion
    • SIEM Setup: SIEM Data Ingestion - Collecting Logs Using Third Party APIs
    • SIEM Setup: SIEM Data Ingestion - Collecting Logs Using Cloud Storage Buckets
    • SIEM Setup: SIEM Data Ingestion - Cloud Ingestion - Streaming Services
    • SIEM Setup: SIEM Data Ingestion - Cloud Ingestion - Feed Management
    • SIEM Setup: SIEM Data Ingestion - On-Prem Data Collection: Overview
    • SIEM Setup: SIEM Data Ingestion - On-Prem Data Collection: BindPlane Deployment Patterns
    • SIEM Setup: SIEM Data Ingestion - On-Prem Data Collection: BindPlane Configuration
    • SIEM Setup: Configuring RBAC (SIEM) - Feature RBAC
    • SIEM Setup: Configuring RBAC (SIEM) - Configuring Feature RBAC
    • SIEM Setup: Configuring RBAC (SIEM) - Data RBAC
    • SIEM Setup: Configuring RBAC (SIEM) - Scopes & Labels
    • SIEM Setup: Configuring RBAC (SIEM) - Implementing & Managing Data RBAC
    • SIEM Setup: Normalization - Configuration-based Normalization (parsing flow, structure, functions)
    • SIEM Setup: Normalization - Data extraction (formatted & grok)
    • SIEM Setup: Normalization - Data manipulation
    • SIEM Setup: Normalization - Completed Parser Review
    • SIEM Setup: Normalization - Parser Management & Types of Parsers
    • SIEM Setup: Normalization - Parser Extension Demo
    • SIEM Setup: Knowledge Check
  • SIEM Investigation
    • SIEM Investigation: Raw Log Search
    • SIEM Investigation: UDM Schema & Field Families
    • SIEM Investigation: UDM Search
    • SIEM Investigation: Data Tables Introduction
    • SIEM Investigation: UDM Statistical Search & Aggregation
    • SIEM Investigation: UDM Search Demo
    • SIEM Investigation: Knowledge Check
  • SIEM Dashboards
    • SIEM Dashboards: Dashboards Introduction & Curated Content
    • SIEM Dashboards: Building a YARA-L query
    • SIEM Dashboards: Dashboard Filtering
    • SIEM Dashboards: Native Dashboards Advanced functionalities
    • SIEM Dashboards: SIEM Legacy Dashboards
    • SIEM Dashboards: Knowledge Check
  • SIEM Detections
    • SIEM Detections: Curated Detection Categories, Rule Sets, Dependencies
    • SIEM Detections: YARA-L Rule Construction, Structure, & Variables
    • SIEM Detections: Regex string matching, Reference Lists, repeated fields
    • SIEM Detections: YARA-L Functions
    • SIEM Detections: Optional Sections (Match, Outcome, Options)
    • SIEM Detections: Single event rule
    • SIEM Detections: Multiple event rule
    • SIEM Detections: Single vs Multi-event rules
    • SIEM Detections: Composite rules Overview
    • SIEM Detections: Entity Context
    • SIEM Detections: Leveraging the Entity Graph in Rules
    • SIEM Detections: Rule Testing
    • SIEM Detections: From Events to Alerts
    • SIEM Detections: Methods for Optimizing YARA-L
    • SIEM Detections: Knowledge Check
    • Additional resources document (Course hyperlinks)
  • Your Next Steps
    • Claim credential
