Skip to content
Threat Detection Engineering
Writing Splunk Enterprise Security Correlation Searches
SPL Nuggets: How are my rules performing?
How rare is a rare HTTP agent? Context-rich alerts because of math
Should I date a model? Myths busted!
Splunking BOTS V3: Q212, Q214, Q300
SPL Nuggets: Visualizing RDP/TS Connections from Eventlogs
Splunking BOTS v3: What Frothly VPN user generated the most traffic? Q330
Splunking questions from BOTS v3 dataset – Q215
SIEM tricks: dealing with delayed events in Splunk
Splunk/ES: dynamic drilldown searches