Forum Discussion

Bronze I

23 days ago

Incident Response Introduction to Detection Engineering: Ep.5 – Custom Alerting

Task 3 - Note: It may take a couple of minutes for the token to appear in the index. I'm struggling with the python that it's been taking too long to create a custom_alert_index to autimatically c...

immersive labs

Bronze I

23 days ago

If you figure this one out, please let me know. I've been stuck on this one for multiple days and no luck. I am able to detect the lateral movements associated with the commands psexec, cmd.exe, and sc. But for some reason I am not getting the token after waiting more than 15 minutes and resetting the lab.

Forum Discussion

Incident Response Introduction to Detection Engineering: Ep.5 – Custom Alerting

Featured Places

Help

Related Content

Introduction to Detection Engineering: Ep.5 – Custom Alerting

Introduction to Detection Engineering: Ep.5 – Custom Alerting

Introduction to Detection Engineering: Ep.3 – Parent Processes - Kibana says no

Reverse Engineering

Systems Manager: Introduction - Question 2

Recent Discussions

Need help in Splunk Lab!

AI Agent Governance: Auditing an Over-Privileged Agent

Help with Cross Site Request Forgery (Twooter)

Lesson 7: Windows File Permissions

Templates do not add systems