Lab Guide: Elastic Security for SIEM

Below are the labs for Elastic Security for SIEM. Select the lab assigned to complete it.

1 - Stack Architecture

• Lab 1.0: Elastic Agent Configuration
• Lab 1.1: Configuring Agent Policies and Integrations

2 - Elastic Common Schema (ECS)

Note: This section does not contain any labs

3 - Discover

• Lab 3.0: Discover - Getting Started with Kibana
• Lab 3.1: Discover - Searching with KQL/Lucene

4 - Visualizations

• Lab 4.0: Aggregation Based Visualizations - Data Table
• Lab 4.1: Aggregation Based Visualizations - Metrics
• Lab 4.2: Aggregation Based Visualizations - Heatmap
• Lab 4.3: Aggregation Based Visualizations - Data Over Time

5 - Lens

• Lab 5.0: Lens Visualizations - Create a Visualization
• Lab 5.1: Lens Visualizations - Data Table
• Lab 5.2: Lens Visualizations - Multi-Layer Date Histogram

6 - Dashboards

• Lab 6.0: Utilizing Dashboards - Creation
• Lab 6.1: Utilizing Dashboards - Analysis

7 - Security App

• Lab 7.0: Security App - Getting Started with the Security App
• Lab 7.1: Security App - Explore Pages
• Lab 7.2: Security App - Detection Rules Types
• Lab 7.3: Security App - Alerts
• Lab 7.4: Security App - Timelines
• Lab 7.5: Security App - Cases

---

© Elasticsearch BV 2015-2025. All rights reserved. Decompiling, copying, publishing and/or distribution without written consent of Elasticsearch BV is strictly prohibited.