Skip to content

Opstune.com

Threat Detection Engineering

Services
Blog
Contact
About

Category: Analytics

How rare is a rare HTTP agent? Context-rich alerts because of math

Published 16 September, 202016 September, 2020 by Alex Teixeira in Analytics, Splunk

Splunking BOTS V3: Q212, Q214, Q300

Published 9 July, 2020 by Alex Teixeira in Analytics, Splunk

SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs

Published 1 July, 20202 July, 2020 by Alex Teixeira in Analytics, Splunk

Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330

Published 19 June, 202019 June, 2020 by Alex Teixeira in Analytics, Splunk

Splunking questions from BOTS v3 dataset – Q215

Published 17 June, 202018 June, 2020 by Alex Teixeira in Analytics, Splunk

JIRA workflow for Detection Engineering teams

Published 11 June, 202011 June, 2020 by Alex Teixeira in Analytics

SPL Nuggets: Know your admins – from eventlogs!

Published 5 June, 202011 June, 2020 by Alex Teixeira in Analytics

SIEM use cases development workflow – Agile all the things!

Published 15 October, 201711 June, 2020 by Alex Teixeira in Analytics

It’s about time to change your correlation searches timing settings

Published 1 June, 201711 June, 2020 by Alex Teixeira in Analytics

Mapping SDLC to security use cases development process

Published 2 March, 201711 June, 2020 by Alex Teixeira in Analytics

Posts navigation

← Older posts

Search for:

Recent Posts

Writing Splunk Enterprise Security Correlation Searches
SPL Nuggets: How are my rules performing?
How rare is a rare HTTP agent? Context-rich alerts because of math
Should I date a model? Myths busted!
Splunking BOTS V3: Q212, Q214, Q300

Website Built with WordPress.com.

Post to

Cancel