Opstune.com

Threat Detection Engineering

Category: Splunk

SPL Nuggets: Correlation Searches Quick Metrics

Published 4 December, 2020 by Alex Teixeira in SPL Nuggets

Writing Splunk Enterprise Security Correlation Searches – Best Practices

Published 25 November, 2020 (updated 2 December, 2020) by Alex Teixeira in Splunk

SPL Nuggets: How are my rules performing?

Published 28 September, 2020 (updated 30 September, 2020) by Alex Teixeira in Splunk

How rare is a rare HTTP agent? Context-rich alerts because of math

Published 16 September, 2020 by Alex Teixeira in Analytics, Splunk

Should I date a model? Myths busted!

Published 3 September, 2020 (updated 10 September, 2020) by Alex Teixeira in Splunk

Splunking BOTS V3: Q212, Q214, Q300

Published 9 July, 2020 by Alex Teixeira in Analytics, Splunk

SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs

Published 1 July, 2020 (updated 2 July, 2020) by Alex Teixeira in Analytics, Splunk

Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330

Published 19 June, 2020 by Alex Teixeira in Analytics, Splunk

Splunking questions from BOTS v3 dataset – Q215

Published 17 June, 2020 (updated 18 June, 2020) by Alex Teixeira in Analytics, Splunk

SIEM tricks: dealing with delayed events in Splunk

Published 13 December, 2016 (updated 11 June, 2020) by Alex Teixeira in Splunk
