Introduction to Squert

CYBRScore

Squert is a web-based interface packaged with Security Onion for querying and viewing event data stored in the Sguil database. In this lab, you will learn how to navigate within Squert, view alerts, apply filters to search for specific alerts, and extract packet capture files for alerts in order to identify and classify indicators of compromise.

Time: 30 minutes
Difficulty: Beginner
