Seth Grover
**For what topic would you like to see training developed?** Go through examples of setting up third party logs to Malcolm. Use Windows events and Linux systemd messages as examples....
**For what topic would you like to see training developed?** Go over the options for Malcolm account management: local account management vs. LDAP/Active Directory **What format would be best suited...
**For what topic would you like to see training developed?** Go over the Discover interface in OpenSearch dashboards **What format would be best suited for this training?** A video **Is...
**For what topic would you like to see training developed?** Talk about Malcolm's severity scoring and how to customize it. Go over the severity dashboard. **What format would be best...
**For what topic would you like to see training developed?** Show how to use the anomaly detection features in OpenSearch Dashboards **What format would be best suited for this training?**...
**For what topic would you like to see training developed?** Show how to write search queries and use the UI to apply filters in Arkime **What format would be best...
**For what topic would you like to see training developed?** Illustrate how to use fields like `event.id` (Zeek's UID and FUID) and Community ID to pivot between dashboards and between...
**For what topic would you like to see training developed?** Go over the Arkime SPIView interface **What format would be best suited for this training?** A video **Is there existing...
**For what topic would you like to see training developed?** Go over the Arkime SPIGraph interface **What format would be best suited for this training?** A video **Is there existing...
**For what topic would you like to see training developed?** Go over the Arkime sessions interface, including using views, PCAP export, and viewing packet payloads **What format would be best...