Which document provides information on best practices for writing Splunk-based hunting queries, predefined queries which may be customized to hunt for suspicious network connections, and predefined queries which may be customized to hunt for suspicious processes?
The document that provides information on best practices for writing Splunk-based hunting queries, predefined queries which may be customized to hunt for suspicious network connections, and predefined queries which may be customized to hunt for suspicious processes is 'Hunting and Investigation'. This document focuses specifically on the activities involved in hunting and investigating suspicious activities.
B. Hunting and Investigation question keyword "hunt"