Difficulties with Elastic Security SIEM course challenges

Storms · July 28, 2025, 11:08am

Course: Elastic Security for SIEM

Do I need to pass 100% of the CTFd challenges to get a course completed? There are a few challenges that I just can't get right. For example: 5.3 Lens / 1 Destination port.

I do what I think has been asked and the answer that I get from Lens is incorrect (see picture below). I know what the right answer is (I was able to guess it) - but I can't figure out how to get the the correct answer using the tool. It could be that I don't understand the question correctly. I have a few other challenges where I think I'm doing what is being asked but my answers are wrong and it is very frustrating that I can't get a course completed because I can't figure out what the challenge requires.

Similar challenges are the two challenges following this one, 2 record count and 3 summary data. I can't get them right because something is wrong with my search even though to my understanding it should be correct.

Tortoise · July 28, 2025, 11:18am

Hello @Storms

Welcome to the community.

I also faced similar issue highlighted by you. To overcome this i tried using default/existing dashboards in Kibana post that i was able to answer & understood what was missed as i inspected how the dashboard was created & what filters were applied. But yes i also did the same as it was asked in question but answer was always wrong.

Thanks!!

Topic		Replies	Views
Assistance Required to Start Lab in Elastic Security for SIEM (On-Demand) Elastic Training	3	164	July 5, 2025
Challenges Elastic Security for SIEM Elastic Security	1	146	June 28, 2025
Elastic Security for SIEM (On-Demand) module 3 Elastic Training	2	56	September 5, 2025
Elastic Security Fundamentals: SIEM Lab is not working Elastic Training	2	441	August 17, 2022
This site can’t be reached Elastic Training	0	38	May 26, 2025

Difficulties with Elastic Security SIEM course challenges

Related topics