I attended the Austin ISSA-sponsored Advanced Splunk Training session on March 6. As always, the ISSA chapter delivered meaty technical training, and it was free! The event was co-sponsored by BSides and Splunk.
While all kinds of interesting Splunk technical info were presented, for me, the most interesting part was hearing from Michael Gough and some other security practitioners at the event about what people really monitor. As a technology provider, we are not always privy to what people are really doing with our tools, so it was an eye-opener for me.
Here are some of the things security guys monitor. Of course, they monitor other stuff too, but this is what we can share in mixed company.
And if you are a Security Guy, please check out our SIEM, SolarWinds Log & Event Manager. It's an understated, affordable, full-function SIEM that can help you pwn the bad guys.