Exercise 1

In this exercise we begin using Zeek and practice with the sort and grep tools.

Finding the long connections

This next input helps us categorize the information from Zeek. The first two columns are the IP pair, and the last column is the number of seconds those two IPs have interacted in 24 hours. *FYI: 24 hours = 86400 seconds.
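The aggregation described above, as an added example that is not from the workshop or the original page: it sums connection duration per IP pair and sorts the totals, adding a percent-of-24-hours column. It assumes three tab-separated columns as printed by `zeek-cut id.orig_h id.resp_h duration`; the sample rows and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: total connection time per IP pair from Zeek conn.log data.
# Assumed input: tab-separated id.orig_h, id.resp_h, duration, i.e. what
#   zeek-cut id.orig_h id.resp_h duration < conn.log
# prints. Function names here are hypothetical.

# Constructed sample rows (documentation-range addresses, not real traffic).
sample_conn() {
  printf '%s\t%s\t%s\n' \
    192.0.2.10 198.51.100.7 43200.5 \
    192.0.2.10 198.51.100.7 43100.25 \
    192.0.2.22 203.0.113.9 12.75 \
    192.0.2.22 203.0.113.9 - \
    192.0.2.31 203.0.113.50 3600 \
    192.0.2.31 203.0.113.50 2700
}

# long_connections [N]: sum duration per source/destination pair and print
# the top N pairs (default 10) as: src, dst, total seconds, percent of 24h.
long_connections() {
  awk -F'\t' '
    $3 == "-" || $3 == "" { next }   # Zeek writes "-" when duration is unset
    { total[$1 "\t" $2] += $3 }      # many short sessions add up per pair
    END {
      for (pair in total)
        printf "%s\t%.2f\t%.1f\n", pair, total[pair], 100 * total[pair] / 86400
    }' |
    sort -t "$(printf '\t')" -k3,3 -rn |   # largest total first
    head -n "${1:-10}"
}

# Stand-alone run on the constructed sample.
sample_conn | long_connections 3
```

A pair whose total approaches 86400 seconds was connected for nearly the whole day and is the one to look at first.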

Here we're using Zeek
Chris also provided huge hints in the workshop

Also have the Discord chat open to help people if they get stuck.

Always helping others out

Exercise 1 done, onto the next!
