Boss of the SOC (BOTS) Dataset Version 3

This is a sample security dataset and a Capture The Flag (CTF) platform designed for information security professionals, researchers, students, and enthusiasts.

This page contains information about the version 3 dataset. If you would like to access the scoreboard software, please visit the CTF Scoreboard GitHub repository. For the BOTS version 2 dataset, you can find it here. Similarly, if you need the BOTS version 1 dataset, it is available here. Download Dataset: - **Description:** BOTS V3 Dataset - **Size:** 320.1MB - **Format:** Pre-indexed - **MD5:** d7ccca99a01cff070dff3c139cdc10eb Installation: To install, download the dataset file mentioned above and verify the MD5 hash to ensure data integrity. Then, install Splunk Enterprise along with the apps/add-ons listed in the Required Software section below.

It is crucial to ensure that you are using the correct version of each app and add-on. Begin by unzipping or untarring the downloaded file into the directory $SPLUNK_HOME/etc/apps. After that, restart Splunk. You will be able to access the BOTS v3 data by executing the search: index=botsv3 earliest=0. Please note that since the data is provided in a pre-indexed format, there are no volume-based licensing limitations to worry about. The included data sourcetypes are access_combined and alte.