Mark Runals' Blog
Some sort of Data/SIEM/InfoSec blog.
Thursday, October 29, 2015
Moving toward Splunk's CIM
›
For those that don't know, for some time Splunk has been moving toward a Common Information Model (CIM). They are using this both a data...
Friday, October 2, 2015
Taming Verbose Windows Logs - Update
›
In looking at the Windows firewall logs coming out of the Security event viewer (mainly 5156) I realized the space in "program files...
Tuesday, August 4, 2015
Does better information sharing require a security clearance?
›
From time to time the topic of information sharing comes up in relation to getting security clearances in order to have more open and timely...
Monday, June 29, 2015
Electronically Aided Collisions and InfoSec
›
Like cruise control for your car, GPS assisted autopilots and the like for boats can help operators with mundane tasks like holding a course...
Saturday, February 7, 2015
Gaining visibiliy to ad-hoc data exports from Splunk
›
Along the same lines of understanding how your users are using Splunk and dovetailing into are users abusing their access to data in Splunk ...
‹
›
Home
View web version