Purpose
This use case allows you to visualize Windows Activity Activeboard using synthetic sample data and it is composed of one injector to simulate the attack and one receptor to monitor it.
Launch Windows Activity AB
To launch the Use Case go to Exchange in the navigation pane. Look for the Use Case and click Launch to install the injector and the receptor. Once they are installed, an Open button will display. Click Open to see the alert showing detections.
Stop use case
You can always stop the injection by clicking on the Stop use case button.
Exploring the Use Case
This Use Case shows a complete DoS attack. It is composed of one injector, which will inject synthetic data of windows logs and then install the Windows Activity Activeboard - if you don’t have it installed in your domain -.
Content | Name | Type |
---|---|---|
Injector | Synthetic data | |
Receptor | Activeboard |