In a sea of millions of security events, one workstation literally stood out, floating high above all the others when I transformed flat logs into a 3D visualization.
This is incredible. I've done some meta-scoring style stuff before:
https://splunk.github.io/rba/searches/risk_incident_rule_ideas/#events-from-multiple-sourcetypes
but I *love* the idea of giving labels to other things to dc() on for more dimensionality. Definitely going to build on this! Thank you. ✨
You're welcome, Haylee (RBA Queen). Ping me if you want to flesh out any extra ideas. 😎