Monthly Archives: November 2015

SIEM T.N.G.

To SIEM or not to SIEM? Whether or not to implement a SIEM solution generally comes down to if you have a dedicated team to care and feed it. To…

The Official Way To Comment Splunk SPL

Over the years, I’ve written some crazy long searches in Splunk. When searches get to 30-40 lines, its a really good idea to comment it, so that when it comes…