Microsoft Sentinel: SOAR Demonstrate your skills
Hello all, I am struggling on question 6 where I feel like I have the Condition portion setup correctly but it won't say that it is completed. The condition is supposed to be within the For Each loop correct? The Condition parameters is: AND - Body Risk = HighKusto Query Language: Ep.9 – Parsing Complex Data Types.
Hi all, I am stuck on Question 6 as part of the KQL Parsing Complex Data Types. I have been doing adaptations of the following query to only get a blank AvgTime table each time. Event_CL | where EventData contains "KB2267602" | extend ParsedData = parse_json(EventData) | summarize AvgTime = avg(todatetime(ParsedData["@time"])) I may be missing something obvious or not, but any help would be thankful.
It seems correct answer is not accepted.
I think my answer is correct, however, it is not accepted. Here is the question: Use replace_string() to remove carriage returns (\r) and newline (\n) literals from the SyslogMessage column. Provide your completed replace_string function as the answer. Here is my answer: replace_string(SyslogMessage, "\\n\\r", "") Whole query: Syslog | extend CleanMSG = replace_string(SyslogMessage, "\\n\\r", "") I might be missing something here, however, can't figure out. Appreciate any hints.Configuring Secure Web Hosting with AWS CloudFront
Hello, Q4 on this lab (Browse to the CloudFront console and click on Create a CloudFront distribution) don't complete even following all the instructions. When the deploy completes, the standard logging appears off: When I click on edit, it shows an IAM error: Anything that I can do from here to complete this task? Regards,Logging and Monitoring in AWS: Demonstrate Your Skills
Hello, In Q3 Creating EventBridge I followed the instructions as exposed, but it didn't Detect the completion. Here's how I structured the Rule: Are there any error on the way I structured the rule (don't think so) or can it be an error on the lab itself (missing content)? Thanks in advance. Regards,
Incident Response and Forensics for EC2: Preparation
Regarding Task 7 in this Lab (Incident Response and Forensics for EC2: Preparation) ---- Create forensics AMI 1/4 I CANNOT find the required AMI "the ubuntu 22.04 ami with ID ami-01dd271720c1ba44f" in the AWS console as shown in the image below: Could you take a look and help me out? Thanks🙂
