Modern applications and devices are generating log data at unprecedented rates. These logs often hold valuable business insight and have become useful sources for various tasks, such as identifying trends and anomalies, assessing regulatory compliance and detecting cybersecurity threats before they escalate. Unfortunately, log files analysis is often unwieldy and requires specialized tools and applications to be carried out.

The Log Analytics for Cybersecurity Workshop is a 2-day hands-on workshop with the aim of equipping IT professionals, data scientists, and IT-savvy business analyst with the latest log analytics skills focusing on cybersecurity applications. In particular, this workshop will help the participant to:

  • Understand the different kinds of log analytics technologies and platforms available today (including ELK & Splunk),
  • Compare and choose a log analytics technology and platform suitable for their requirements,
  • Ingest log data from devices into log analytics system,
  • Use log analytics technology to manage and analyze log data,
  • Understand how log analytics is important to cybersecurity,
  • Apply log analytics to address cybersecurity problems: what kind of logs, what kind of analytics, incidence investigation,
  • Explain the log analytics tools and technology choices to their organization.

This workshop will be taught by leading industry experts in the respective technology.

Target Audience

IT professionals, IT-savvy business analysts, and data scientists interested in a hands-on introduction to the platforms and technologies used in the industry to process and analyze machine/log data. The focus on cybersecurity applications will especially benefit IT professionals interested in regulatory compliance (eg. GLBA, SOX, HIPAA, etc.) and cybersecurity in their IT operations. Participants should be comfortable installing and setting up software on their computers and have intermediate programming skill.

Tuition

The cost for the 2-day workshop is:

  • $498 (State of Hawai`i ETF will subsidize 50% of tuition cost for eligible participants from private sector companies.)
  • There is a limited number of discounted seats for State of Hawai’i employees (including University of Hawai`i System employees), please contact Dr. Lipyeow Lim for more information.

* Coffee/tea breaks and lunch are included.
* No proration for partial attendance is allowed for this workshop.

Registration

Register for Log Analytics Workshop

Instructors & Guest Speakers

Zachary Heilbron, FireEye Inc.,  received a B.Sc. in both math and computer science in 2011 from the University of Hawai`i and his M.Sc. in computer science in 2015 from the University of California, Irvine (UCI). He was originally a Ph.D. student at UCI working on the open-source AsterixDB project but put his Ph.D. career on hold to build an enterprise, log analytics platform at X15 Software. Through X15’s acquisition by cybersecurity firm FireEye in early 2018, he now helps security analysts fight cybercrime using a big data analytics approach.

Fathy Elsherif, Splunk Inc., is a Splunk senior engineer based in Hawaii and has been with Splunk since mid-2014, focusing primarily on Splunk for Security deployments and Splunk Cloud services. His professional career spans several technical roles in other technologies such as real-time communications software, network security, and unified collaboration cloud services. Fathy holds dual bachelor’s degrees in Computer Information Systems and Finance from Georgia Southern University, with professional training and certifications in IT Project Management, Cloud Compute Solutions Architecture, and Cybersecurity, and is a Certified Incident Handler.

Mark Nelson is a Ph.D. Student at the University of Hawaii at Manoa after earning his Masters in Computer Science at the University of Hawaii at Manoa in 2017. Prior to 2015, Mark was a security system architect at Hewlett Packard where he implemented certificate issuing protocols such SCEP.  In 2016, Mark enlisted in the Navy Reserve as a Cryptologic Technician. He is currently a member of the Adaptive Security and Economics Laboratory (ASECOLAB) and holds CISSP and CEH certifications.

Chuck Lerch, HI Tech Hui, is an expert in IT Architecture and Infrastructure. Chuck brings to Hawaii extensive experience in the healthcare, legal, and other industries with demanding security, scalability, and resiliency requirements to help customers plan practical strategies. His diverse experience with multiple industries and startups has helped him solve the most technical and complex IT problems. Chuck’s previous experience includes working with the DOD and FAA, serving as CIO for a national healthcare company that created physician based healthcare in Sears and Kmart

Organizers

Lipyeow Lim is an Associate Professor of Information & Computer Sciences at the University of Hawai`i at Manoa (UHM) where he works on various big data and analytics projects from analyzing Hawaiian language documents to renewable energy applications.

Mahdi Belcaid is an Assistant Professor at the University of Hawai`i at Manoa with a joint appointment in Information & Computer Sciences and the Hawaii Institute of Marine Biology.

Wayne Lewis is a Professor at the Pacific Center for Advanced Technology Training and Continuing Education and Lifelong Learning (PCATT).

Jarret Yip is a Program Coordinator at the Pacific Center for Advanced Technology Training and Continuing Education and Lifelong Learning (PCATT).

Tentative Schedule

DATE & TIME

TOPIC

INSTRUCTOR/

SPEAKER

Day 1 
Thu 8:30-9AM  Registration & check-in
Thu 9-9:30 AM  Opening Remarks Lipyeow Lim & Mahdi Belcaid.

Vincent Hoang, CISO, State of Hawaii.

Thu 9:30-10:30 AM  Session 1: Overview of the log analytics problem, technology and platforms [pdf]  Zachary Heilbron
Thu 10:30-10:45 AM  Coffee/Tea Break
Thu 10:45 AM -12:15 PM Session 2: Elastic, Logstash, Kibana (ELK hands-on tutorial) [ Commands & Scripts (doc) ]  Zachary Heilbron
Thu 12:15 – 1:15 PM  Lunch
Thu 1:15 – 2:45 PM  Session 3: Log Analytics Use cases (hands-on)  Zachary Heilbron
Thu 2:45 – 3 PM  Coffee/Tea Break
Thu 3 – 4:30 PM  Session 4: Log Analytics for Cybersecurity [pdf] [defense security podcast]  Mark Nelson
Day 2 
Fri 9:-10:30 AM Session 5: Splunk [Link to materials]  Fathy Elsherif
Fri 10:30-10:45 Coffee/Tea Break
Fri 10:45 AM -12:15 PM Session 6: Splunk Use cases (hands-on)  Fathy Elsherif
Fri 12:15 – 1:15 PM  Lunch
Fri 1:15 – 2:45 PM  Session 7:  Future of Log Analytics in Cybersecurity  Chuck Lerch
Fri 2:45 – 3 PM  Coffee/Tea Break
Fri 3 – 3:45 PM  Session 8: Wrap-Up [Group Discussion] & [Exit Survey]
Fri 3:45-4:30 PM  Pau Hana Mixer

Workshop Location

University of Hawaii at Manoa IT Center  Room 105.

Participant Laptop Requirement

Participants are expected to bring their own laptop computer to the workshop preloaded with the required software. Please follow these instructions to prepare your laptop.

Parking

Paid Parking is available on the UH Manoa Lower Campus Parking Structure on a first come, first served basis (see location marked in red on UH Campus Map)

Parking cost is $5 per day if you enter between 6:00 am and 4:00 pm and is not included in the tuition. Re-entry is allowed on the same day, but you will need to stop and show the attendant your daily permit upon reentry.