Course Description

ArcSight is one of the most popular SIEM tools available in the market. Many organizations and MSSPs (Managed Security Service Providers) use ArcSight to identify and block attacks from intruders. The primary objective of any SIEM tool is to collect logs from various security devices and then send those logs through manual or automated correlation engines, which in turn provide alerts to SOC engineers. Security professionals are then required to find the origin of the attack while also protecting their critical infrastructure. It is well known in security circles that almost all attacks take months to identify and then remediate. A good SOC engineer will make sure the correlation rules are maintained properly by reducing false positive alerts and focusing on the areas where attention is required.

Program Benefits Description

This course will teach you how to become a smart SOC engineer. By the end of this course, you will know how to identify the critical resources in the organization and write good correlation rules to protect IT infrastructure.

What Will You Learn?
  • Introduction to ArcSight ESM
  • ArcSight Event Schema and Lifecycle
  • ESM Installation and Configuration
  • ESM Console
  • ArcSight Command Center
  • ArcSight Web Interface
  • Active Channels, Filters and Field Sets
  • Rules and Lists
  • Dashboards and Data Monitors
  • Query Viewers
  • ESM Reports
  • Workflow Cases
  • User Administration
  • User Notifications
  • Use Case Resources
  • ArcSight Content Management
  • Event Search
  • HP ArcSight Support Resources

3 Modules Available

Module 1

  • Introduction to ArcSight SIEM Tool.
  • Understanding the architecture of ArcSight SIEM (Security Information and Event Management).
  • Dashboards and Monitors.

Module 2

  • ArcSight Event Schema.
  • Event Lifecycle.
  • ESM Console.
  • Using Active Channels.

Module 3

  • Using Filters and Variables.
  • ESM Rules.
  • ESM Reports.


01 What prior skills are required to attend this module?

This is an advanced course, and you need to finish Networking Fundamentals, CCSA, and Wireshark Basics before attending it.

02 Will I be able to practice labs once I finish my course?

Yes, you will be provided with all the necessary software and documents, which will help you explore the topic further.

03 How many hands-on labs will be there in this course?

Purple Synapz is all about understanding the concepts at a very low level, and therefore each topic will have its own hands-on lab exercises. Refer to the course details for more information.

04 Can I attend this course as an individual module?

Yes, this course is offered as an independent course. For additional information, talk to our Support Team.