The draft for this project has changed three times since starting – mostly due to resource constraints on my end.  I’ve bounced between hardware, hypervisors, and focus but I’ve settled on an approach.  My immediate needs outweighed the need for…

TCP and UDP are two very different protocols.  I’ve spent a fair amount of time over the years explaining these two issues to our power engineers and technicians.  What better topic to post here.

Here’s a Splunk query to list any changes to privileged Active Directory groups: