Purpose
This use case allows you to visualize Windows Activity Activeboard using synthetic sample data and it is composed of one injector to simulate the attack and one receptor to monitor it.
Launch Windows Activity AB
To launch the Use Case go to Exchange in the navigation pane. Look for the Use Case and click Launch to install the injector and the receptor. Once they are installed, an Open button will display. Click Open to see the alert showing detections.
Exploring the Use Case
This Use Case shows a complete DoS attack. It is composed of one injector, which will inject synthetic data of windows logs and then install the Windows Activity Activeboard - if you don’t have it installed in your domain -.