#siem

Splunk for Blue Team: SPL Queries and Investigation Patterns

Architecture, essential SPL commands, and real investigation patterns from a SOC perspective