LOG 202 Course Overview

LOG 202: Analyze Logs, Visualize Data, and Answer Business-Critical Questions Using Falcon LogScale is a 1-day instructor-led course that includes hands-on labs that allow you to practice and apply what you've learned.

Are you responsible for analyzing data to provide actionable insights for your organization? In this immersive course, you will gain hands-on experience with CrowdStrike Falcon LogScale and learn how to analyze logs, visualize data, and answer business-critical questions. You'll also learn to design compelling widgets and dashboards, optimize dashboard interactions, and strategically architect parameterized dashboards using the CrowdStrike Query Language (CQL). This course is especially beneficial for roles such as data analysts, IT administrators, and log management specialists.

What You Will Learn 

  • How to prepare data for use in visualizations
  • How to use CQL and regular expressions (regex) to extract meaningful information from your structured and unstructured data
  • How to create widgets and dashboards in Falcon LogScale to visualize and represent your data narrative
  • How to implement a systematic workflow for processing new data sources in your environment, enabling you to ask better questions of your data

Recommended Prerequisites

  • Completion of LOG 101: Getting Started with Falcon LogScale
  • Completion of CQL 101: CrowdStrike Query Language Fundamentals 1
  • Completion of CQL 103: CrowdStrike Query Language Fundamentals 2
  • Ability to comprehend course curriculum presented in English
  • Basic knowledge of and/or experience with Microsoft Windows and Linux environments
  • Familiarity with log management concepts and regex usage

Requirements

  • Broadband internet connection, web browser, microphone, and speakers
  • Dual monitors and headset are recommended

Class Material 

Associated materials may be accessed from CrowdStrike University on the day of class.

Topics

Module 1: Prepare for Data Analysis in Falcon LogScale

  • Navigate the Falcon LogScale Search and Dashboard consoles.
  • Grasp the fundamentals of query structure and syntax.
  • Complete complex query tasks involving CQL and its syntax.
  • Comprehend the fundamental concepts of CQL.
  • Recognize the representation of time and data and the usage of the formatTime() and parseTimestamp() functions to format time.
  • Apply set theory and case logic to cluster and classify data.
  • Use CQL functions to format data for reporting. 

Module 2: Analyze Data Sources Using Data Analysis Techniques

  • Use CQL functions to transform data into actionable information.
  • Use CQL functions to perform basic statistical analysis on data.
  • Integrate data sources using the match() function.
  • Design and personalize widgets and dashboards to effectively represent knowledge in data.
  • Create and configure parameterized dashboards.
  • Design and configure dashboard interactions to enrich data.
  • Apply statistical analysis concepts to generate heat maps and histograms.