We begin to use zeek in this exercise and practice using sorting and grep tools.
Finding the long connect
This next input helps us categorize the information from zeek. These are first two IPs are IP pairs, and the last section is the amount of seconds those two IPs have interacted in 24 hours.
*FYI 24hrs = 86400seconds
Here we're using Zeek
Chris also provided huge hints in the workshop
Also have the Discord Chat opened up to help people if they get stuck.
