
Complete each of these search exercises in whatever tool you use in your organization. If you don't have access to a search tool, you can use the course VM.

Attempt each of these now, but don't worry about spending too much time on them yet. I just want you to give them a try. After doing so, watch the next videos on mastering search tools, perform some research as I'll guide you there, and return to these exercises.

1. Search for all network communication within a specific time range (a few seconds).
2. Take the previous search, and exclude one host.
3. Take the previous search, and only include common HTTP ports (you can start with 80 and 8080).
4. Search for every host OS log containing the Parent Image field.
5. Search for every executed process that contains the string *power*.
6. Search for every executed process that begins with the string *anti*.
7. Search for every executed process that ends with the string *update*.
8. Search for every HTTP transaction where the username contains the string *chrome*, and then search for the lowest version number within the results.
9. Search for a URI containing the string "/?id=" (escaped chars).
10. Repeat the previous search, but only match values where the equal sign is followed by at least 3 numbers. Use regular expressions to accomplish this.
11. Search for any HTTP response code that is greater than or equal to 500.
12. Take any of the above searches and export your results into another format (CSV, JSON, XML, etc.).
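The same filters expressed as plain Python over a handful of constructed records, as an added reference that is not part of the course material or any specific search tool: the field names, the sample records and the process list are assumptions, but the points carry over to any tool (translating a glob wildcard to an anchored regex, escaping the `?` in `/?id=` because it is a regex metacharacter, and comparing the status code as a number rather than a string).

```python
import re
from datetime import datetime, timedelta

# Constructed sample records standing in for an indexed log source
# (assumed field names; not from the course VM).
LOGS = [
    {"ts": "2024-03-01T10:00:01", "src": "10.0.0.5", "dst": "93.184.216.34", "dport": 80,
     "uri": "/?id=1234", "status": 200, "user_agent": "Chrome/120.0"},
    {"ts": "2024-03-01T10:00:02", "src": "10.0.0.7", "dst": "93.184.216.34", "dport": 8080,
     "uri": "/?id=12", "status": 503, "user_agent": "Chrome/99.0"},
    {"ts": "2024-03-01T10:00:03", "src": "10.0.0.5", "dst": "10.0.0.9", "dport": 445,
     "uri": None, "status": None, "user_agent": None},
    {"ts": "2024-03-01T10:00:09", "src": "10.0.0.8", "dst": "93.184.216.34", "dport": 80,
     "uri": "/login", "status": 500, "user_agent": "Firefox/115"},
]
# Constructed process image names (assumed values).
PROCS = ["powershell.exe", "AntiMalwareService.exe", "GoogleUpdate.exe", "notepad.exe"]

def in_window(logs, start, seconds):
    # Exercise 1: everything between start and start + N seconds, inclusive.
    t0 = datetime.fromisoformat(start)
    t1 = t0 + timedelta(seconds=seconds)
    return [r for r in logs if t0 <= datetime.fromisoformat(r["ts"]) <= t1]

def exclude_host(logs, host):
    # Exercise 2: drop records where the host is either endpoint.
    return [r for r in logs if host not in (r["src"], r["dst"])]

def http_ports(logs, ports=(80, 8080)):
    # Exercise 3: keep only the common HTTP destination ports.
    return [r for r in logs if r["dport"] in ports]

def proc_wildcard(pattern):
    # Exercises 5-7: turn a *glob* wildcard into an anchored, case-insensitive regex,
    # so "*power*" means contains, "anti*" means begins with, "*update.exe" means ends with.
    rx = "^" + re.escape(pattern).replace(r"\*", ".*") + "$"
    return [p for p in PROCS if re.match(rx, p, re.IGNORECASE)]

# Exercises 9-10: "?" is a regex metacharacter, so the literal "/?id=" needs "\?".
ID_QUERY = re.compile(r"/\?id=")
ID_QUERY_3DIGITS = re.compile(r"/\?id=\d{3,}")

def uri_matches(logs, rx):
    return [r for r in logs if r["uri"] and rx.search(r["uri"])]

def server_errors(logs):
    # Exercise 11: numeric comparison; a string compare would also match "5xx" wrongly.
    return [r for r in logs if r["status"] is not None and r["status"] >= 500]

def lowest_chrome_version(logs):
    # Exercise 8: version strings sort numerically per component, not lexically.
    versions = [r["user_agent"].split("/")[1] for r in logs
                if r["user_agent"] and "chrome" in r["user_agent"].lower()]
    return min(versions, key=lambda v: tuple(int(x) for x in v.split(".")))
```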
