Benign
Premium roomChallenge room to investigate a compromised host.
medium
To access material, start machines and answer questions login.
We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about and how to investigate the logs, look at the rooms splunk101 and splunk201.
Room Machine
Before moving forward, deploy the machine. When you deploy the machine, it will be assigned an IP. Access this room via the AttackBox, or via the at MACHINE_IP.
The machine will take up to 3-5 minutes to start. ll the required logs are ingested in the index win_eventlogs.
Ready to learn Cyber Security?
The Benign room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.
Already have an account? Log in