I’m new to SecOps in general and am trying to be more efficient learning how to use stats and aggs along with combining multiple events. I am running into trouble fully understanding how to achieve exactly what I need. Does anyone have any documentation or resources that can be had to aid in this learning process?
Please give one example as guidance :)
PS Have you tried the ‘Generate Query’?

The Gemini sidebar can also be useful depending on the question
And on this site from the top menu you can find some great content from the teams, e.g.