TryHackMe Splunk walkthrough

Splunk is a renowned log aggregation tool. It gathers machine-generated data and presents it in a very understandable format. It is also used as a SIEM tool, and it is quite good at it.

I am doing the TryHackMe Splunk room and will be doing a walkthrough of the same.

Task 1 is basically deploying the machine and waiting for it to load, which will take some time. Download the quick reference guide in Task 1 and move on to Task 2, the quiz, while the machine loads in the background. Go through the guide once before attempting the quiz.

Task 2: Can you Dig It

#1
search
The search command is used to look for the things you actually want to find in the whole data set.

#2,3
The rare command gives you the 5 or 10 least common results, while the top command gives you the most common ones.

#4
index
It's like a repository of the data.

#5
dashboard

#6
dedup 
Deduplicates data.

#7
transaction

#8
pipe

#9
timechart

#10
stats

#11
fields

#12
host

#13
source

#14
sourcetype

#15
eval

#16
rex

#17
pivot tables

#18
_time

#19
head

#20
reverse

#21
lookup

#22
bucket

#23
span

#24
count

#25
splunkbase.splunk.com

#26
apps

#27
security operations center

#28
security information and event management

#29
boss of the soc
You can see this in the Task 3 description.

#30
common information model
Splunk CIM

#31
answers.splunk.com

Task 5: Advanced Persistent Threat 

#1
40.80.148.42

#2
Acunetix

#3
192.168.250.70

#4
Joomla

#5
23.22.63.114

#6
12345678

#7
yellow

#8
batman

#9
6

#10
92.17

#11
412

#12
3791.exe

#13
AAE3F5A29935E6ABCC2C2754D12A9AF0

#14
poisonivy-is-coming-for-you-batman.jpeg

#15
prankglassinebracket.jumpingcrab.com

#16
23.22.63.114

#17
[email protected]

#18
9709473ab351387aab9e816eff3910b9f28a7a70202e250ed46dba8f820f34a8

#19
53 74 65 76 65 20 42 72 61 6e 74 27 73 20 42 65 61 72 64 20 69 73 20 61 20 70 6f 77 65 72 66 75 6c 20 74 68 69 6e 67 2e 20 46 69 6e 64 20 74 68 69 73 20 6d 65 73 73 61 67 65 20 61 6e 64 20 61 73 6b 20 68 69 6d 20 74 6f 20 62 75 79 20 79 6f 75 20 61 20 62 65 65 72 21 21 21

#20
Steve Brant’s Beard is a powerful thing. Find this message and ask him to buy you a beer!!!

Task 6: Ransomware

#1
192.168.250.100

#2
MIRANDA_PRI

#3
Miranda_Tate_unveiled.dotm

#4
4490

#5
192.168.250.20

#6
solidaritedeproximite.org

#7
mhtr.jpg

#8
3968

#9
2816763

#10
406

#11
257

#12
cerberhhyed5frqa.xmfir0.win
