-
Enriching Last User Logon to Failed Logon Hint
-
In this video you are provided the remaining information for mapping hostnames to last successful logged on user and hints on enriching failed logons with last known user information.
-
-
Last User Logon Search Criterion Hint
-
In this video you are provided hints to create search filter for the mapping of hostnames to last successful logons.
-
-
Creating the Invalid User Logon Dashboard Answer
-
In this video you are provided with remaining information required to complete your invalid user logon dashboard.
-
-
Standardizing the Username Field Answer
-
In this video you are provided the remaining information required to create the pipeline processing rule to begin standardizing the username field.
-
-
Graylog
-
-
winlogbeat
-
-
Creating an Alert on Invalid User Logon Attempts Answer
-
In this video you are provided the remaining information on creating the alarm to trigger when an invalid logon occurs.
-
-
Filtering Non-User Logons From Dashboard Answer
-
In this video you are provided the remaining information required to filter the non-interact and non-invalid username related activity.
-
-
Enriching Last User Logon to Failed Logon Answer
-
In this video you are provided the remaining information to create the enrichment of last known username on invalid logon attempts.
-
-
Last User Logon Data Enrichment Hint
-
In this video you are provided the remaining information for the search filter and provided hints to begin mapping hostnames to last successful logged on user.
-
-
Lookup Table Creation Hint
-
In this video you are provided hints on creating the lookup table required to enrich last successful logons on failed logons.
-
-
Creating the Invalid User Logon Dashboard Hint
-
In this video you are provided hints to search for the specific data requirements to create your dashboard for invalid user logons.
-
-
Standardizing the Username Field Hint
-
In this video you are provided hints on how to find the index field you will be required to alter, and how to navigate to a pipeline processing rule.
-
-
Virtual Box
-
-
Project Overview and Challenge Documents
-
The challenge files and other documents you will need to complete this project.
-
-
Creating an Alert on Invalid User Logon Attempts Hints
-
In this video you are provided hints on creating an alarm to trigger when an invalid logon occurs.
-
-
Filtering Non-User Logons From Dashboard Hint
-
In this video you are provided hints on finding the information required to filter non-interactive and non-invalid username related activity.
-
Syllabus
Syllabus
Project description
In this project we pick up where we left off with the hands-on activity for data processing. We will take a use case surrounding invalid user logon attempts and standardize our username field, visualize our data with a dashboard, enrich our data with last known user information, and create an alert that triggers with the required information.

Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments