+- Softwarez.Info - Software's World! (https://softwarez.info)
+-- Forum: Library Zone (https://softwarez.info/Forum-Library-Zone)
+--- Forum: Video Tutorials (https://softwarez.info/Forum-Video-Tutorials)
+--- Thread: Practical Security Investigation With Splunk, Wazuh, Osquery (/Thread-Practical-Security-Investigation-With-Splunk-Wazuh-Osquery--1092346)
Practical Security Investigation With Splunk, Wazuh, Osquery - AD-TEAM - 08-30-2025
![[Image: a4eaf20f66a0cb6a5a562c1807159a77.jpg]](https://i125.fastpic.org/big/2025/0831/77/a4eaf20f66a0cb6a5a562c1807159a77.jpg)
Practical Security Investigation With Splunk, Wazuh, Osquery
Published 8/2025
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.89 GB | Duration: 3h 50m
Master SOC fundamentals, incident response, log analysis, and threat detection with Splunk, Wazuh and OSquery labs,
What you'll learn
Fundamentals of SOC and Role of an SOC analyst
Fundamentals of SIEM
Hands-on with Splunk and conduct security investigation
How to use Wazuh for alerts and vulnerability detection
How to hunt endpoints with Osquery for deep forensics
Requirements
Basics of Computers
Basic knowledge IT Network Protocols
Description
Welcome to the SOC Analyst Masterclass: Security Investigation with Splunk, Wazuh, and Osquery!This course is designed to give you the skills and confidence to investigate, detect, and respond to real-world security incidents using leading open-source and enterprise SOC tools. Whether you're starting your SOC career or looking to enhance your security investigation skills, this hands-on, step-by-step program will guide you through the complete process of setting up a virtual SOC lab, understanding different log types, and mastering investigation techniques.This is a practical, Learn-by-Doing course - you'll not only understand the theory but also build your own SOC lab, work with real logs, and replicate real-world investigation scenarios. You'll get detailed demonstrations, guided exercises, and ready-to-use commands for Splunk, Wazuh, and Osquery so you can follow along at your own pace.In this course, you will cover:SOC & SIEM Fundamentals: Understand SOC roles, functions, tools, and processes. Learn core SIEM concepts and how they fit into security monitoring.Log Types & Data Sources: Explore Windows (Event Logs, Sysmon), Linux (Syslog, Auth), and network logs (Firewall, DNS, HTTP) to understand their value in threat detection.Lab Setup & Tools Installation: Build your own SOC lab from scratch, including Splunk, Wazuh Manager, Kali Linux, and supporting infrastructure using VMware or VirtualBox.Security Investigations with Splunk: Perform hands-on analysis with SPL commands to investigate brute force attacks, DNS beaconing, suspicious file transfers, compromised accounts, and unauthorized cloud access.Threat Detection with Wazuh: Investigate file modifications, brute force activity, vulnerabilities, and learn how Wazuh rules trigger alerts.Endpoint Forensics with Osquery: Run live queries to collect endpoint data, investigate anomalies, and support incident response efforts.By the end of this course, you will have the ability to:Confidently investigate security incidents using Splunk, Wazuh, and OsqueryUnderstand how to analyze logs from multiple sources for accurate threat detectionBuild and manage your own virtual SOC lab for continuous practiceApply your skills to real-world SOC scenarios and improve your incident response capabilitiesWho this course is for:Aspiring SOC analysts, blue team members, and cybersecurity enthusiastsIT professionals looking to transition into security operationsAnyone who wants practical, hands-on SOC investigation experience with industry toolsGet ready to take your security investigation skills to the next level - I'll see you in the course!
Overview
Section 1: Introduction to SOC and SIEM
Lecture 1 What is a SOC
Lecture 2 Role of a SOC Analyst
Lecture 3 Overview of SOC Tools and Technologies
Lecture 4 Understanding SIEM
Section 2: Understanding Log Types and Data Sources
Lecture 5 What is Log and Log analysis
Lecture 6 Windows Logs
Lecture 7 Linux Logs
Lecture 8 Network Logs
Section 3: Installing and Setting Up Lab
Lecture 9 Lab Requirements: Hardware and Software
Lecture 10 Setting up a Linux Server on VMWARE Workstation
Lecture 11 Setting up Virtual Machines- Virtualbox
Lecture 12 Setting up a Linux Server on Virtualbox
Lecture 13 Installing Splunk
Lecture 14 Installing Wazuh Manager
Lecture 15 Setting up Attacker Machine(Kali Linux)
Section 4: Security Investigation with Splunk
Lecture 16 What is SIEM?
Lecture 17 Introduction to Splunk
Lecture 18 Demo: Splunk Dashboard
Lecture 19 Splunk for SOC Analyst
Lecture 20 Exploring Fields in Splunk Search
Lecture 21 head command
Lecture 22 stats command
Lecture 23 table command
Lecture 24 timechart command
Lecture 25 dedup command
Lecture 26 Investigating SSH brute force using Splunk
Lecture 27 DNS Beaconing Detection Using Splunk
Lecture 28 Detect Suspicious File Transfer via Splunk
Lecture 29 Investigate Compromised Windows User Account using Splunk
Lecture 30 Unauthorized Cloud Access AWS from a Foreign Country
Section 5: Section 5: Security Investigation with Wazuh
Lecture 31 Introduction to Wazuh
Lecture 32 Wazuh Demo
Lecture 33 Wazuh Rules
Lecture 34 Investigating Unauthorized File Modification using Wazuh
Lecture 35 Investigating SSH brute force using Wazuh
Lecture 36 Vulnerability detection with Wazuh
Section 6: Security Investigation with Osquery
Lecture 37 Introduction to Osquery
Lecture 38 Installing Osquery
Lecture 39 Lab 1: List All Installed Software on Linux
Lecture 40 Lab 2: Detect New User Accounts Created
Lecture 41 Lab 3: Detect Malware Making Outbound Connections
Section 7: More Resources for Security Investigation
Lecture 42 More Sample Log File for Security Investigation on Splunk
IT or Network Engineer,Freshers,SOC analyst,Network Security Engineer,System Administrator
![[Image: HLt0w54w_o.jpg]](https://images2.imgbox.com/15/1f/HLt0w54w_o.jpg)
RapidGator
NitroFlare
DDownload