| 3.1 - Discover - Getting Started with Kibana | 0 - Section Unlocks | 50 |
| 3.2 - Discover - Searching with KQL and Lucene | 0 - Section Unlocks | 50 |
| 1 - Setting the Stage | 3.1 - Discover - Getting Started with Kibana | 50 |
| 2 - Messing with Time | 3.1 - Discover - Getting Started with Kibana | 50 |
| 3 - Choose Data View | 3.1 - Discover - Getting Started with Kibana | 50 |
| 4 - Open document | 3.1 - Discover - Getting Started with Kibana | 50 |
| 5 - Sort by field | 3.1 - Discover - Getting Started with Kibana | 50 |
| 6 - IDS Data | 3.1 - Discover - Getting Started with Kibana | 50 |
| 7 - Zeek and you shall find | 3.1 - Discover - Getting Started with Kibana | 50 |
| 8 - ALL the logs | 3.1 - Discover - Getting Started with Kibana | 50 |
| 1 - Baseline | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 2 - HTTP Logs | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 3 - HTTP Methods | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 4 - HTTP Requests | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 5 - HTTP Responses | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 7 - DNS Domains | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 8 - Networks | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 6 - DNS Logs | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 9 - High Client Ports | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 10 - Between the Lines | 3.2 - Discover - Searching with KQL and Lucene | 50 |
| 4.1 - Visualizations | 0 - Section Unlocks | 50 |
| 1 - Highest External Source IP Log Count | 4.1 - Visualizations | 50 |
| 2 - Responsible Destination IP | 4.1 - Visualizations | 50 |
| 5.3 - Lens | 0 - Section Unlocks | 50 |
| 1 - Destination port | 5.3 - Lens | 50 |
| 2 - Record Count | 5.3 - Lens | 50 |
| 3 - Summary data | 5.3 - Lens | 50 |
| 4 - Record spike | 5.3 - Lens | 50 |
| 6.2 - Dashboards | 0 - Section Unlocks | 50 |
| 7.2 - Security App - Explore | 0 - Section Unlocks | 50 |
| 7.3 - Security App - Detection Rules | 0 - Section Unlocks | 50 |
| 7.4 - Security App - Alerts | 0 - Section Unlocks | 50 |
| 7.5 - Security App - Timelines | 0 - Section Unlocks | 50 |
| 1 - Top Talkers | 6.2 - Dashboards | 50 |
| 2 - Rush hour | 6.2 - Dashboards | 50 |
| 3 - Out of the norm | 6.2 - Dashboards | 50 |
| 4 - Connection count | 6.2 - Dashboards | 50 |
| 5 - Default Time Buckets | 6.2 - Dashboards | 50 |
| 6 - Default Peak Time | 6.2 - Dashboards | 50 |
| 7 - New Time Buckets | 6.2 - Dashboards | 50 |
| 9 - New Peak Time | 6.2 - Dashboards | 50 |
| 10 - Flowing connections | 6.2 - Dashboards | 50 |
| 11 - Byte Size | 6.2 - Dashboards | 50 |
| 12 - HTTP Requests | 6.2 - Dashboards | 50 |
| 13 - Uncommon Status Codes | 6.2 - Dashboards | 50 |
| 14 - Hosts and Ports | 6.2 - Dashboards | 50 |
| 15 - Uncommon Ports | 6.2 - Dashboards | 50 |
| 8 - New Peak Count | 6.2 - Dashboards | 50 |
| 1 - Query types | 7.3 - Security App - Detection Rules | 50 |