
Learning

karisheff edited this page Oct 8, 2025 · 18 revisions

LME Learning Tree


Welcome to Logging Made Easy (LME), a centralized resource designed to simplify and standardize the logging process across your environment. This Learning Tree provides clear guidance and practical examples to help users implement consistent, meaningful, and efficient logging practices. Within this section, you'll find ready-to-use logging models, configuration templates, and best practices that ensure visibility, traceability, and ease of troubleshooting. Whether you're new to logging or refining an existing system, these models serve as a foundation for improving data quality and operational insight.

Learning Modules

| Category | Topic | Documentation / Media |
| --- | --- | --- |
| Overview | Using GitHub | Getting Started with Your GitHub Account, About GitHub Discussions, Tracking Your Work with Issues, FAQs, Using GitHub |
| Overview | Introduction to LME | CISA's LME, Logging Made Easy, Architecture, Logging Made Easy (LME) 2.0 Installation, Configuring LME, CISA’s Logging Made Easy (LME) |
| Overview | Navigating LME's GitHub Repositories | coming soon |
| Installation | Installation Prerequisites | Prerequisites, Installation Guide, Troubleshooting LME |
| Installation | Deploying LME (Ubuntu 22.04) | Installation Guide, Logging Made Easy (LME) 2.0 Installation |
| Installation | Deploying LME in the Cloud | Logging Made Easy in the Cloud, Installation Guide |
| Agents | Deploying Elastic and Wazuh Agents | Elastic Agent Management - Enrollment Guide, Example Setup for Wazuh Active Response, LME Wazuh Agent Enrollment Guide |
| Agents | Verifying Agent Health | Wazuh Troubleshooting, Elasticsearch Troubleshooting |
| Interface and Usage | Navigating the LME UI | Architecture |
| Interface & Usage | Searching & Filtering Logs | Filtering Logs in the LME Cloud |
| Interface & Usage | Writing Effective Queries | Query DSL, Query String Query, Query Language |
| Interface & Usage | Dashboards | Dashboard Descriptions |
| Log Management | Understanding Indices & Storage | Retention Settings, Filtering Logs in the LME Cloud, Syslog Forwarding, Backing Up LME Logs, Event Log Collector |
| Log Management | Configuring ILM Policies | Elasticsearch Index Lifecycle Management, Index Lifecycle Management |
| Detection & Alerting | Introduction to Detection Rules | Elast Alert Rule Writing |
| Detection & Alerting | Tuning & Creating Rules | Elast Alert Rule Writing |
| Detection & Alerting | Investigating Alerts | Analysis Demo |
| Notifications | Configuring ElastAlert Notifications | Elast Alert Rule Writing |
| Operations & Maintenance | Maintaining LME | Wazuh Configuration Management, Backing Up LME Logs, Podman Volume Management |
| Operations & Maintenance | Managing Access & Permissions | Password Encryption, Security, Elastic Cloud Enterprise Security |
| Operations & Maintenance | Scaling & Resource Planning | Estimating Data Storage Requirements |
