Skip to main contentSkip to main content
Room Banner
Room Icon

Benign

Premium room

Challenge room to investigate a compromised host.

medium

150 min

37,317

User profile photo.
User profile photo.

To access material, start machines and answer questions login.

We will investigate host-centric logs in this challenge room to find suspicious process execution. To learn more about and how to investigate the logs, look at the rooms splunk101 and splunk201.

Room Machine

Before moving forward, deploy the machine. When you deploy the machine, it will be assigned an IP. Access this room via the AttackBox, or via the at MACHINE_IP. The machine will take up to 3-5 minutes to start. ll the required logs are ingested in the index win_eventlogs.

Answer the questions below
Connect with the lab.

Ready to learn Cyber Security?

The Benign room is only available for premium users. Signup now to access more than 500 free rooms and learn cyber security through a fun, interactive learning environment.

Already have an account? Log in

We use cookies to ensure you get the best user experience. For more information see our cookie policy.