
12 Angry Analysts: Tuning Splunk SOAR events to keep your analysts happy (or at least content)

Overwhelmed by false positives or irrelevant alerts? Wondering how to scale tuning ops to keep your SOC analysts happy without overextending your automation team? The XDR folks at Accenture Federal would like to offer you a bit of guidance, if you will hear it. We hope to provide you with an example of a mature SOAR event tuning solution, and we’ll talk about playbook steps, helpful custom functions you probably don’t have, as well as how to allow your SOC folks to self-service their own requests.