We are happy to advise you!
+43 1 6000 880-0     Contact

Use Case Workshop: SIEM Integration with Cisco Stealthwatch (UCWSIEM)


Course Overview

Use Case Workshops are hands-on, instructor-led courses focused on specific use case outcomes in Cisco Stealthwatch Enterprise. The workshops are designed to help you quickly identify and investigate common threats and to provide effective workflows so that you can fully understand Stealthwatch capabilities. In this workshop, you will work through a series of activities that focus on using Cisco Stealthwatch Enterprise to determine whether your network policies are configured correctly and being enforced.

Who should attend

This course is intended for individuals who are responsible for using Stealthwatch to monitor security policy, provide feedback on the configuration, and initiate incident response investigations.


To complete this workshop, the following components must be installed and configured on your network:

  • Stealthwatch Release 7.0 or later
  • Stealthwatch Flow Collector
  • Integration with Firewall
  • Integration with Proxy/Nat Device
  • Integration with Proxy/Nat Device

Course Objectives

After taking this course you should be able to

  • Describe the advantages of integrating Stealthwatch with a SIEM.
  • View SIEM data in Stealthwatch by creating a SIEM external lookup option.
  • Configure the Splunk SIEM to accept Stealthwatch syslog entries through the Response Management feature.
  • Explore a Stealthwatch API integration with Splunk.
Online Training

Duration 1 day

Digital courseware
Classroom Training

Duration 1 day

Price (excl. tax)
  • Germany: US$ 500.—
Digital courseware

Currently there are no training dates scheduled for this course.