RBA: a better way to dedup risk events
In this post we’re discussing an advanced way to dedup risk events in your risk alerts (RIRs) and at the same time have the RIR results...
Geeking out on Splunk and IT Security
Linux tips
Splunk workload optimisation
Dashboarding Best Practices, Tips & Tricks
Audit your correlation searches against your own Best Practices automatically
Test your correlation searches end-to-end with Morning Checks
Add an in-splunk after-the-fact Peer Review system for your correlations
Add a simple TODO management system for your correlations
Easy yet powerful submit buttons in your simple XML dashboards