I'm totally new to ELK and I need to gain knowledge ASAP to start super fast at light-speed.
My intention is to use it similarly to, and in comparison with, other solutions such as Splunk, AlienVault, etc.
I don't know if ELK can correlate and generate alerts or if it is just useful for log search. So, could it be a substitute for a SIEM correlator (security event manager and correlator)?
Are there VMs for VMware already available to download and start playing/learning with?
Videos? For me they are much better than a book because they are more practical and much faster than books.
Any help will be very much appreciated.