Splunk

#1 Splunk queries always begin with this command implicitly unless otherwise specified. When performing additional queries to refine received data this command must be added at the start. This is a prime example of a slight trick question. What command is this?

#2 When searching for values, it's fairly typical within security to look for uncommon events. What command can we include within our search to find these?
rare

#3 What about the inverse? What if we want the most common security event?

#4 When we import data into Splunk, what is it stored under?

#5 We can create 'views' that allow us to consistently pull up the same search over and over again. What are these called?

#6 Importing data doesn't always go as planned and we can sometimes end up with multiple copies of the same data. What command do we include in our search to remove these copies?

#7 Splunk can be used for more than just a SIEM, and it's commonly used in marketing to track things such as how long a shopping trip on a website lasts from start to finish. What command can we include in our search to track how long these event pairs take?

#8 … 'pipe' search results into further commands. What character do we use for this?

#9 In performing data analytics with Splunk (ironically what the tool is at its core) it's useful to track occurrences of events over time. What command do we include to plot this?

#10 … gather general statistical information about a search?

#11 Data imported into Splunk is categorized into columns called what?

#12 When we import data into Splunk we can view its point of origination. What is this called? I'm looking for the machine aspect of this here.

#13 When we import data into Splunk we can view its point of origination from within a system. What is this called?
source

#14 We can classify these points of origination and group them all together, viewing them as their specific type.

#15 When performing functions on data we are searching through we use a specific command prior to the evaluation itself. What is this command?
eval

#16 Love it or hate it, regular expression is a massive component of Splunk. What command do we use to specify regex within a search?

#17 It's fairly common to create subsets and specific views for less technical Splunk users. What are these called?

#18 What is the proper name of the time/date field in Splunk?

#19 How do I specifically include only the first few values found within my search?
head

#20 More useful than you would otherwise imagine: how do I flip the order that results are returned in?

#21 When viewing search results, it's often useful to rename fields using user-provided tables of values. What is this called? Use the syntax found within the search query rather than the proper name for this.

#22 We can collect events into specific time frames to be used in further processing. What command do we include within a search to do this?

#23 We can also define data into specific sections of time to be used within chart commands. What command do we use to set these lengths of time? This is different from the previous question as we are no longer collecting for further processing. What command do we include within a search to do just that?

searchsploit

#1 What is the CVE for the 2020 Cross-Site Scripting (XSS) vulnerability found in …
$ searchsploit WPForms
WordPress Plugin WPForms 1.5.8.2 - Persistent C | php/webapps/48245.txt

#2 There was a Local Privilege Escalation vulnerability found in the Debian version of Apache Tomcat, back in 2016. What's the CVE for this?
$ searchsploit Apache Tomcat 2016

#3 What is the very first CVE found in the VLC media player?

#4 If I wanted to exploit a 2020 buffer overflow in the sudo program, which CVE would I …
$ searchsploit sudo 2020