Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

This is a question about preparing BOTS Day.

mal4ensics
Explorer
‎01-09-2020 06:46 AM

Hello.
I am a Korean university student studying Digital Forensics (incident Response).

I want to study splunk and participate in BOTS Day.
I think it will be a process to become a security expert.

However, "https://www.splunk.com/en_us/blog/security/boss-of-the-soc-2-0-dataset-questions-and-answers-open-so..." seems to require the Enterprise version to handle dataset for BOTS Day.

"https://www.splunk.com/en_us/download/get-started-with-your-free-trial.html" states that the Enterprise version is only available for 60 days.

Do I have to purchase the Enterprise version to prepare for BOTS Day?
Can't I prepare for BOTS Day and get good results with Splunk Phantom Free Community Edition?

Thank you.

0 Karma
Reply

wmyersas
Builder
‎01-09-2020 08:02 AM

You can use the full edition of Splunk for 60 days for free

When is the BOTS Day?

Just install Splunk less than 60 days before BOTS Day

0 Karma
Reply

mal4ensics
Explorer
‎01-09-2020 08:09 AM

But i need to practice with dataset. I need a much longer period than 60 days 😞

0 Karma
Reply

wmyersas
Builder
‎01-09-2020 08:11 AM

So ... Install Splunk, load the dataset, and play with it

If it doesn't continue to work after the install flips to free mode in 60 days, remove Splunk, reinstall, and reload the dataset

0 Karma
Reply

mal4ensics
Explorer
‎01-09-2020 08:16 AM

Thank you 🙂

Reply

richgalloway
SplunkTrust
SplunkTrust
‎01-09-2020 06:59 AM

Based on my last BOTS experience, you do not need Phantom or Splunk Enterprise Security to prepare for BOTS Day. Nor do you need to purchase Splunk as the free version should be enough.

Consider downloading the BOSS of the SOC (BOTS) Advanced APT Hunting Companion App for Splunk (https://splunkbase.splunk.com/app/4430/) as a study guide.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

mal4ensics
Explorer
‎01-09-2020 07:15 AM

Thank You.

Happy new year !

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...