SEM05P - Grokking SecOps Data with ELK (separate registration is required)

Monday, May 01 | 1:00PM–4:30PM | Penrose 1, Lower Level 1
Session Type: Additional Fee Program
Delivery Format: Preconference Seminar
The use of the ELK stack has exploded in many IT areas, but particularly in SecOps departments. The speed and efficiency of generating useful metrics and aggregating mountains of data from network, firewall, and IPS devices are a world apart from traditional information gathering and plain-text log files. We'll explore the three components of the stack, basic installation, and configuration, then look at how the stack has been put to work in SecOps at two different institutions. We will present a mix of technical and "big picture" explanations, with emphasis on practical and appropriate uses for the technology.

Outcomes:

  • Learn about the ELK stack and its components
  • Understand where ELK may be an effective and efficient use of resources
  • Experience ELK in person with real data instead of through pictures

Presenters

  • Dan Boyd

    Director of Information Security, Berry College
  • Kevin Wilcox

    Information Security Specialist, Appalachian State University