Friday’s here, and so is the Knowledge Bits Digest! 💡
This time, we’ve gathered a set of practical tips and actionable insights for #Splunk users. Dive into the latest articles from SOC Prime experts to sharpen your skills:

Splunk: Using collect Command for Creating New Events in a New Index
https://socprime.com/blog/collect-command-for-creating-new-events-in-a-new-index/
Using map Command in Splunk
https://socprime.com/blog/using-the-map-command-in-splunk/
Splunk: How to Write a Query to Monitor Multiple Sources and Send Alert if they Stop Coming
https://socprime.com/blog/splunk-how-to-write-a-query-to-monitor-multiple-sources-and-send-alert-if-they-stop-coming/
Fields Aren’t Always Faster, Keyword Searches to Speed Up Splunk
https://socprime.com/blog/fields-arent-always-faster-keyword-searches-to-speed-up-splunk/
Making Use of Fillnull and Values() to Increase Rule Resiliency in Splunk
https://socprime.com/blog/fillnull-and-values-to-increase-rule-resiliency-in-splunk/
Creating Macros for Code Reuse in Splunk
https://socprime.com/blog/knowledge-bits/creating-macros-for-code-reuse-in-splunk/
Splunk: How to Make Lookup Based on Wildcards
https://socprime.com/blog/splunk-how-to-make-lookup-based-on-wildcards/
Splunk: How to Output Nested JSON as One Field
https://socprime.com/blog/splunk-how-to-output-nested-json-as-one-field/
Learn, engage, and stay tuned to foster knowledge-sharing together!

#KnowledgeBits #SOCPrime