Hands-On Cloud logging
RCCE students will learn cloud-native logging services and security monitoring including AWS CloudTrail, Azure Activity Logs, GCP Cloud Audit Logs, cloud storage logging, and cloud log analysis. RCCE students will learn to enable and configure comprehensive cloud logging across AWS, Azure, and GCP, centralize cloud logs for security analysis, parse and normalize cloud log formats, detect security-relevant events including unauthorized API calls, privilege escalation, data exfiltration, and configuration changes, build automated alerting for critical cloud events, manage cloud log retention and storage costs, and use cloud logs for forensic investigation of cloud security incidents. This practice-intensive course emphasizes applied skills through lab exercises, real-world scenarios, and production-realistic workflows. Starting from foundational concepts, RCCE students will learn by doing, building muscle memory and practical confidence through repeated hands-on engagement. Students complete exercises that mirror actual workplace tasks, ensuring skills transfer directly to their professional roles.
- Cloud Security Architects and Engineers
- DevSecOps and Platform Engineers
- Identity and Access Management Specialists
- Security Analysts securing cloud workloads
- Professionals implementing Hands-On Cloud logging
- Execute hands-on tasks for hands-on cloud logging
- Monitor and audit privilege usage; detect escalation attempts
- Execute hands-on tasks for learning objectives — covering Centralize cloud logs.
- Execute hands-on tasks for why cloud logging matters
- Execute hands-on tasks for business drivers
- Execute hands-on tasks for security imperatives — covering Regulatory compliance (SOC 2, HIPAA, PCI), Mean time to detect (MTTD) reduction.
- Explain Cloud Logging Architecture Overview fundamentals
- Execute hands-on tasks for log sources
- Execute hands-on tasks for analytics layer — covering API calls and management.
- Execute hands-on tasks for cloud log types taxonomy
- Execute hands-on tasks for management logs — covering Control plane operations, Resource.
- Execute hands-on tasks for data plane logs — covering Object read/write, Database queries and.
| Module 01 | Hands-On Cloud Logging |
| Module 02 | Security Monitoring Across AWS, Azure, and GCP |
| Module 03 | Learning Objectives |
| Module 04 | Why Cloud Logging Matters |
| Module 05 | Business Drivers |
| Module 06 | Security Imperatives |
| Module 07 | Cloud Logging Architecture Overview |
| Module 08 | Log Sources |
| Module 09 | Analytics Layer |
| Module 10 | Cloud Log Types Taxonomy |
| Module 11 | Management Logs |
| Module 12 | Data Plane Logs |
| Module 13 | Network Logs |
| Module 14 | Identity Logs |
All hands-on labs run on Rocheston Rose X OS. Students practice hands-on cloud logging by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for hands-on cloud logging
- Lab 2: Monitor and audit privilege usage; detect escalation attempts
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for why cloud logging matters
- Lab 5: Execute hands-on tasks for business drivers
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Hands-On Cloud logging, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI