Skip to content
Threat Detection Engineering
SPL Nuggets: Correlation Searches Quick Metrics
Writing Splunk Enterprise Security Correlation Searches – Best Practices
SPL Nuggets: How are my rules performing?
How rare is a rare HTTP agent? Context-rich alerts because of math
Should I date a model? Myths busted!
Splunking BOTS V3: Q212, Q214, Q300
SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs
Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330
Splunking questions from BOTS v3 dataset – Q215
SIEM tricks: dealing with delayed events in Splunk
Add your thoughts here... (optional)