3-Day Instructor-Led Programme
Build and operate ELK-based SIEM for log ingestion, detection, and threat hunting. Learn through mentor-led, practical SOC scenarios using Elasticsearch, Logstash, and Kibana.
Duration: 3 Days
Price: $1,999
Elastic (ELK) Security Engineer equips professionals with the skills to build and operate a modern SIEM using Elasticsearch, Logstash, and Kibana. The course focuses on real-world SOC use cases including log ingestion, detection engineering, and threat hunting workflows.
Through mentor-led sessions and hands-on labs, learners will configure pipelines, create dashboards, and develop detection rules for identifying suspicious activity. The programme also explores how to analyse logs effectively and respond to security events using ELK.
By the end of the course, participants will be able to deploy ELK for security monitoring, perform threat hunting, and support incident response operations. This course is ideal for those working in or transitioning into SOC and blue team roles.
Build ELK pipelines, create detection rules, and perform threat hunting in lab-based SOC scenarios.
Mentors guide SIEM setup, detection tuning, and investigation techniques.
Develop practical SIEM engineering and threat detection capabilities.
Design ELK-based SIEM architectures
Analyse logs for security insights
Implement detection rules and alerts
Perform threat hunting activities
Investigate and respond to incidents
Optimise SIEM performance and accuracy
Basic understanding of networking and security concepts
Familiarity with Linux and command line
Basic knowledge of logs and monitoring
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
ELK is a set of tools (Elasticsearch, Logstash, Kibana) used for log analysis and SIEM operations.