Turn raw logs into real intelligence.

Security teams rely on telemetry—the continuous stream of logs, events, metrics, and signals
that reveal what's happening across systems, endpoints, and cloud services. But that data
doesn't organize itself. It has to be collected, normalized, enriched, and secured before it
becomes useful. That's where data engineering comes in.

In this hands-on guide, cybersecurity engineer James Bonifield teaches you how to design and
build scalable, secure data pipelines using free, open source tools such as Filebeat,
Logstash, Redis, Kafka, Elasticsearch, and more. You'll learn how to collect telemetry from
Windows, including Sysmon and PowerShell events; Linux files and syslog; and streaming data
from network and security appliances. You'll then transform it into structured formats,
secure it in transit, and automate your deployments using Ansible.

You'll also learn how to:

- Encrypt and secure data in transit using TLS and SSH
- Centrally manage code and configuration files using Git
- Transform messy logs into structured events
- Enrich data with threat intelligence using Redis and Memcached
- Stream and centralize data at scale with Kafka
- Automate with Ansible for repeatable deployments

Whether you're building a pipeline on a tight budget or deploying an enterprise-scale system,
this book shows you how to centralize your security data, support real-time detection, and
lay the groundwork for incident response and long-term forensics.