L1 Bithead

Script to pull Logs of +/- 1 minute for beacon detection

Hello Community,
I am looking for some recommendations on how to review beacon detection. There is a lot of manual work being done to review each beacon detection. We seem to be finding it mostly as malware advertisements from different web pages. I thought a way to speed this up is to have a process that pulls +/- 1 minute worth of logs when beacon detection is alerted on a user. Does anyone know how to complete this, or have recommendations on how to save time for this very manual process?
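An added example of the pull-and-triage step the post describes (not code from the original thread or from any vendor's beacon-detection product): given the alert time and the user, it returns the log lines from +/- one minute around the alert and summarises which destinations were hit and how evenly spaced the events were. The "timestamp key=value ..." log format and the sample lines are constructed assumptions; in practice the lines would come from a SIEM or syslog export for that user.

```python
"""Pull +/- one minute of log lines around a beacon alert for one user.

Added example, not from the original thread. It assumes a constructed
"ISO-8601 timestamp key=value ..." log format; a real deployment would read
lines from the SIEM/syslog export instead of the SAMPLE_LOGS string.
"""
from datetime import datetime, timedelta

TS_FMT = "%Y-%m-%dT%H:%M:%SZ"  # assumed timestamp format of the export

# Constructed sample log lines (not real traffic). Only the alice/203.0.113.7
# lines at 40-second spacing are the "beacon"; the others are noise.
SAMPLE_LOGS = """\
2023-05-01T10:14:20Z user=alice src=10.0.0.5 dst=203.0.113.7 url=http://ads.example/track
2023-05-01T10:14:50Z user=alice src=10.0.0.5 dst=203.0.113.7 url=http://ads.example/beacon
2023-05-01T10:15:05Z user=bob src=10.0.0.9 dst=198.51.100.3 url=http://intranet.example/
2023-05-01T10:15:30Z user=alice src=10.0.0.5 dst=203.0.113.7 url=http://ads.example/beacon
2023-05-01T10:16:10Z user=alice src=10.0.0.5 dst=203.0.113.7 url=http://ads.example/beacon
2023-05-01T10:16:31Z user=alice src=10.0.0.5 dst=203.0.113.7 url=http://ads.example/beacon
2023-05-01T10:20:00Z user=alice src=10.0.0.5 dst=192.0.2.44 url=http://other.example/
"""


def parse_line(line):
    """Split a line into (timestamp, {key: value}); None if the timestamp is unparsable."""
    ts_str, _, rest = line.partition(" ")
    try:
        ts = datetime.strptime(ts_str, TS_FMT)
    except ValueError:
        return None
    fields = dict(kv.split("=", 1) for kv in rest.split() if "=" in kv)
    return ts, fields


def pull_window(log_text, alert_time_str, user, window_seconds=60):
    """Return the raw lines for `user` within +/- window_seconds of the alert (inclusive)."""
    alert_ts = datetime.strptime(alert_time_str, TS_FMT)
    lo = alert_ts - timedelta(seconds=window_seconds)
    hi = alert_ts + timedelta(seconds=window_seconds)
    hits = []
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, fields = parsed
        if fields.get("user") == user and lo <= ts <= hi:
            hits.append(line)
    return hits


def summarize(lines):
    """Triage summary for the pulled window.

    Returns how many events went to each destination and the gaps (seconds)
    between consecutive events. Evenly spaced gaps to a single destination are
    the shape of a beacon; the destination list is what gets compared against
    known ad-network hosts to decide whether the alert is just malvertising.
    """
    dst_counts = {}
    timestamps = []
    for line in lines:
        ts, fields = parse_line(line)
        timestamps.append(ts)
        dst = fields.get("dst", "?")
        dst_counts[dst] = dst_counts.get(dst, 0) + 1
    timestamps.sort()
    intervals = [(b - a).total_seconds() for a, b in zip(timestamps, timestamps[1:])]
    return {"dst_counts": dst_counts, "intervals_sec": intervals}


if __name__ == "__main__":
    # Hypothetical alert: beacon detection fired for alice at 10:15:30.
    hits = pull_window(SAMPLE_LOGS, "2023-05-01T10:15:30Z", "alice")
    for h in hits:
        print(h)
    print(summarize(hits))
```

Running this with the alert at 10:15:30 for alice keeps only the three alice lines between 10:14:30 and 10:16:30 (the 10:16:31 line falls one second outside the window, and bob's line is excluded by user), and the summary shows a single destination with two identical 40-second gaps, which is what you would expect a periodic beacon to look like.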