I successfully completed the challenge - I updated the rule ID and it fired off the correct level. I went to run the script to get the flag and it just keeps responding “I do not see the correct alert level for this event”. I followed identical instructions as the lab walk through in 1.2, achieved the expected results, but am now not able to get the flag. I’m not sure what I’m missing here.
I actually figured out the issue. The instructions said to NOT create a new local rule, but only to edit an existing rule. I started over, and edited the existing rule and it worked - I was able to obtain the flag.
2 Likes