{"id":166,"date":"2020-09-24T20:32:31","date_gmt":"2020-09-24T20:32:31","guid":{"rendered":"https:\/\/arter-demo.bslthemes.com\/?page_id=166"},"modified":"2020-09-24T20:32:31","modified_gmt":"2020-09-24T20:32:31","slug":"blog","status":"publish","type":"page","link":"https:\/\/logsmith.io\/index.php\/blog\/","title":{"rendered":"Blog"},"content":{"rendered":"\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t\t
\n\t\t\t
\n\t\t\t\t\t\t
\n\t\t\t\t
\n\t\t\t\t\t\n\t\t\n\t\t
\n\n\t\t\n\t\t
\n\t\t \t\t \n\t\t
\n\t\t \n\t\t
\n\t\t \n\t\t
\n\t\t \n\t\t

\n\t\t \t\n\t\t \tBlog\t\t <\/span>\n\t\t \t<\/h4>\n\t\t <\/div>\n\t\t \n\t\t <\/div>\n\t\t \n\t\t <\/div>\n\t\t \n\t\t \n\t\t \t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 28, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Masterclass<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
\ud83d\udd27 Detection-as-Code: What It Really Means<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

Masterclass Series \u2013 Part 2 \ud83e\udded TL;DR: It\u2019s Not Just \u201cPut Your Rules in Git\u201d \u201cDetection-as-Code\u201d sounds like a trendy… <\/p>\n

Read more<\/a><\/div>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 23, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Insights<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
The Cost of Crying Wolf: Why False Positives Are Killing Your SOC<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

Introduction It\u2019s not the alerts you miss that break a SOC \u2014 it\u2019s the thousands you never should have seen… <\/p>\n

Read more<\/a><\/div>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 16, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Case Study<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
When CIM Mapping Goes Sideways: Lessons from a Broken Detection<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

\ud83d\udd0e Introduction Everything looked good on paper:\u2705 The detection rule was written.\u2705 The sourcetype was CIM-mapped.\u2705 The data model was… <\/p>\n

Read more<\/a><\/div>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 14, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Masterclass<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
\ud83e\udde0 Macro-Driven Rule Logic – Splunk Masterclass 1\/5<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

\ud83d\udc4b Welcome to the LogSmith Splunk Masterclass This series is for detection engineers, Splunk admins, and SOC architects who want… <\/p>\n

Read more<\/a><\/div>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 7, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Insights<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
5 Signs Your SIEM Is Too Noisy<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

And what to do about it before your SOC burns out Your SIEM might look functional. It might be alerting…. <\/p>\n

Read more<\/a><\/div>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \n\t\t
\n\t\t \n\n\n
\n
\n\t \n\t \t\t\t\t\n\t\t\t\"Case\t\t<\/a>\n\t\t\n\t\t\t \n\t \n\t
\n\t \t\t\t
\n\t\t\t\n\t\t\t\tOctober 6, 2025<\/span>\n\t\t\t<\/a>\n\t\t\t \/ Case Study<\/span>\t\t<\/div>\n\t\t\t \n\t \n\t
Case Study : Taming the 21,000-Alert-a-Day SIEM<\/h5>\n\t <\/a>\n\t \t \n\t
\n\t \t

How I helped restore clarity and control to a chaotic Splunk ES environment<\/p>\n\t <\/div>\n\t \t <\/div>\n\t \n <\/div>\n<\/div>\n\t\t <\/div>\n\t\t \n\t\t \t\t \t\t<\/div>\n\t\t\n\n\t\t<\/div>\n\t\t\n\n\t\t\t\t\n\t\t

\n\n\t\t\n\t\t
\n\n\t\t \n\t\t
\n\n\t\t \t\t\t \n\t\t
\n\t\t \t1<\/span>\n2<\/a>\nNext<\/a>\t\t <\/div>\n\t\t \n\t\t \n\t\t \t\t <\/div>\n\t\t \n\n\t\t<\/div>\n\t\t\n\n\t\t<\/div>\n\t\t\n\t\t\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"

Blog September 24, 2020 \/ Design, Events, Technology Follow your own design process. My job is simple and sophisticated, so… <\/p>\n

Read more<\/a><\/div>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"template-layout-builder.php","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"iawp_total_views":1,"footnotes":""},"class_list":["post-166","page","type-page","status-publish","hentry"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/pages\/166","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/comments?post=166"}],"version-history":[{"count":0,"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/pages\/166\/revisions"}],"wp:attachment":[{"href":"https:\/\/logsmith.io\/index.php\/wp-json\/wp\/v2\/media?parent=166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}