Windows Exe Download #4966

Locked Answered by dougburks

marianoka asked this question in General

marianoka
Jul 28, 2021

Hi all!
I just need to find the way to download and exe like doug did at the blog. Any help, welcome.
Thanks
Mariano

Answered by dougburks

Go to Alerts or Hunt and find a log for an EXE. Click on the alert to access the Quick Actions Menu. Then click the PCAP action.

For more information, please see:
https://docs.securityonion.net/en/2.3/alerts.html#actions
https://docs.securityonion.net/en/2.3/hunt.html#actions
https://docs.securityonion.net/en/2.3/pcap.html

View full answer

Replies: 1 comment

dougburks
Jul 29, 2021
Maintainer

Go to Alerts or Hunt and find a log for an EXE. Click on the alert to access the Quick Actions Menu. Then click the PCAP action.

For more information, please see:
https://docs.securityonion.net/en/2.3/alerts.html#actions
https://docs.securityonion.net/en/2.3/hunt.html#actions
https://docs.securityonion.net/en/2.3/pcap.html

0 replies

Answer selected by defensivedepth

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment