Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Script to pull Logs of +/- 1 minute for beacon detection

L1 Bithead

Hello Community,


I am looking for some recommendations on how to review beacon detection.  There is a lot of manual work being done to review each beacon detection.  We seem to be finding it mostly as malware-advertisements from different web pages.  I thought a way to speed this up is to have a process that pulls +/-1 minute worth of logs when beacon detection is alerted on a users.  Does anyone know how to complete this or have recommendations on how to save time for this very manual process?

Who Me Too'd this topic