Splunk is a well-known log aggregation platform. It ingests machine-generated data, indexes it, and lets you search and visualise it in a readable form. It is also widely used as a SIEM, and it does that job well.
I am doing the TryHackMe Splunk room and will be doing a walkthrough of the same.
Task 1 is basically deploying the machine and waiting for it to load, which takes some time. Download the quick reference guide in Task 1 and move on to Task 2, the quiz, while the machine loads in the background. Read through the guide once before attempting the quiz.
Task 2: Can you Dig It
#1
search
The search command retrieves the events that match your terms from the indexed data. It is implied at the start of every search string, so you only write `search` explicitly when you use it after a pipe.
#2,3
rare
top
The rare command returns the least common values of a field, while top returns the most common ones along with a count and percentage. Both return 10 values by default; `limit=N` changes that.
#4
index
An index is the repository in which Splunk stores ingested data. Scoping a search with `index=...` is the first thing that narrows how much data Splunk has to read.
#5
dashboard
A dashboard is a collection of panels, each backed by a search, used to present results visually.
#6
dedup
The dedup command removes events that have duplicate values in the specified fields and keeps the first one it sees. Because results come back newest first, that is normally the most recent event.
#7
transaction
The transaction command groups related events (for example, all events sharing a session ID within a time window) into a single multi-event result and adds `duration` and `eventcount` fields.
#8
|
pipe
The pipe passes the results of one command to the next, exactly as in a shell.
#9
timechart
The timechart command produces a time series: a statistical aggregation bucketed by `_time`, ready for a line or column chart.
#10
stats
The stats command calculates aggregate statistics (count, sum, avg, dc, values and so on) over the events, optionally grouped with BY.
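The following searches, added here as an illustration and not part of the room or its quiz, chain the commands above into the kind of pipelines you would actually type into the search bar. The index name `web`, the sourcetype `access_combined` and the field names it extracts (`clientip`, `status`, `uri_path`, `useragent`) are assumptions about a web-access-log dataset; substitute whatever your own deployment indexes. Each blank line separates an independent search.

```spl
index=web sourcetype=access_combined status>=400
| dedup clientip
| table _time clientip status uri_path

index=web sourcetype=access_combined status>=400
| stats count AS failed_requests, dc(uri_path) AS distinct_paths, values(status) AS status_codes BY clientip
| where failed_requests > 20
| sort - failed_requests

index=web sourcetype=access_combined
| top limit=10 useragent

index=web sourcetype=access_combined
| rare limit=10 useragent

index=web sourcetype=access_combined
| transaction clientip maxspan=5m maxpause=30s
| where eventcount > 100
| table _time clientip duration eventcount

index=web sourcetype=access_combined status>=400
| timechart span=15m count BY status
```

The first search shows the most recent failed request per client, because dedup keeps the first event in the result order and results arrive newest first. The second replaces dedup with stats to get a per-client summary of failed requests and then filters on the computed field. top and rare are run on the same field to contrast the busiest user agents with the unusual ones, which is often where a scanner or a hand-written tool stands out. The transaction search groups bursts of requests from one client into a single result and surfaces clients that made more than 100 requests within a five-minute window; transaction is memory-hungry on large datasets, so when you only need counts, stats does the same job more cheaply. The last search buckets the failed requests into 15-minute intervals split by status code for a timeline view.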