Tradecraft
The Pursuit of Normal: Alerting on Anomalies using Splunk
It seems strange to talk about normal right now considering that, at the time of writing, a lot of the world is under quarantine. Yet in security, normal is something that is important to know. When creating alerts or analysing logs, you want to be notified when something is not