<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://blog.zachristensen.com/</id><title>Zach Christensen</title><subtitle>Pro tips and occasionally helpful information from a security enthusiast.</subtitle> <updated>2026-03-25T22:00:10-06:00</updated> <author> <name>Zachary Christensen</name> <uri>https://blog.zachristensen.com/</uri> </author><link rel="self" type="application/atom+xml" href="https://blog.zachristensen.com/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://blog.zachristensen.com/"/> <generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator> <rights> © 2026 Zachary Christensen </rights> <icon>/assets/img/favicons/favicon.ico</icon> <logo>/assets/img/favicons/favicon-96x96.png</logo> <entry><title>Advancing Cyber Defense: How PRE Security Predicts Threats Before They Strike</title><link href="https://blog.zachristensen.com/genai-secops/" rel="alternate" type="text/html" title="Advancing Cyber Defense: How PRE Security Predicts Threats Before They Strike" /><published>2025-04-24T00:00:00-06:00</published> <updated>2025-04-24T00:00:00-06:00</updated> <id>https://blog.zachristensen.com/genai-secops/</id> <content src="https://blog.zachristensen.com/genai-secops/" /> <author> <name>Zachary Christensen</name> </author> <category term="Demo" /> <summary> Traditional reactive models are no longer sufficient in today’s cyber threat landscape. PRE Security was founded on a bold premise: what if organizations could predict cyber events before they cause damage, much like the weatherman predicts the weather? Turning this vision into a reality required addressing a longstanding cybersecurity challenge: data ingestion and normalization. Solving th... 
</summary> </entry> <entry><title>Hostname Tracking in Splunk</title><link href="https://blog.zachristensen.com/splunk-hostname-tracking/" rel="alternate" type="text/html" title="Hostname Tracking in Splunk" /><published>2023-10-30T00:00:00-06:00</published> <updated>2023-10-30T14:05:26-06:00</updated> <id>https://blog.zachristensen.com/splunk-hostname-tracking/</id> <content src="https://blog.zachristensen.com/splunk-hostname-tracking/" /> <author> <name>Zachary Christensen</name> </author> <category term="Experiments" /> <category term="Walk-through" /> <summary> Keeping track of the relationship between hostnames and IP addresses over time gives important context during incident response or any other forensic activity. This article will walk through one way to accomplish this in Splunk. Time-based lookups are a great way to track artifacts that change over time. This is just one example of how to leverage them. The Problem It may be challenging to... </summary> </entry> <entry><title>Splunk the Nginx Proxy Manager</title><link href="https://blog.zachristensen.com/splunk-the-nginx-proxy-manager/" rel="alternate" type="text/html" title="Splunk the Nginx Proxy Manager" /><published>2023-06-29T20:25:00-06:00</published> <updated>2023-06-30T16:21:09-06:00</updated> <id>https://blog.zachristensen.com/splunk-the-nginx-proxy-manager/</id> <content src="https://blog.zachristensen.com/splunk-the-nginx-proxy-manager/" /> <author> <name>Zachary Christensen</name> </author> <category term="Tutorial" /> <summary> The Nginx Proxy Manager is an effortless way to expose services securely. This pre-built docker image enables you to easily forward to your websites running at home or otherwise, including free SSL, without knowing too much about Nginx or Letsencrypt. What this guide is This guide will show you one way to visualize the Nginx proxy data in Splunk. What this guide is not Detailed procedures t... 
</summary> </entry> <entry><title>SOAR Enrichment: Powershell Encoded Commands</title><link href="https://blog.zachristensen.com/soar-powershell/" rel="alternate" type="text/html" title="SOAR Enrichment: Powershell Encoded Commands" /><published>2023-03-31T00:00:00-06:00</published> <updated>2023-07-01T01:06:30-06:00</updated> <id>https://blog.zachristensen.com/soar-powershell/</id> <content src="https://blog.zachristensen.com/soar-powershell/" /> <author> <name>Zachary Christensen</name> </author> <category term="Walk-through" /> <summary> Splunk SOAR helps you as a security analyst to focus on what’s essential, security—taking away meaningless time on tasks that could easily be automated. As a former security analyst, one thing I found annoying was spending time on activities that I knew I could automate. I eventually created simple scripts to aid in my incident response so I was not spending time just getting the information I... </summary> </entry> <entry><title>Splunk ES: Risk Notable Urgency</title><link href="https://blog.zachristensen.com/risk-notable-urgency/" rel="alternate" type="text/html" title="Splunk ES: Risk Notable Urgency" /><published>2023-01-11T00:00:00-07:00</published> <updated>2023-07-01T01:06:30-06:00</updated> <id>https://blog.zachristensen.com/risk-notable-urgency/</id> <content src="https://blog.zachristensen.com/risk-notable-urgency/" /> <author> <name>Zachary Christensen</name> </author> <category term="Walk-through" /> <summary> In Splunk Enterprise Security, the Urgency levels for the out-of-the-box Risk notables will not be assigned correctly. Add this simple solution to fix it. By default, a risk object’s priority is not taken into account for the Urgency of a Notable event, even if it is configured in the Asset and Identity (A&amp;I) database. The Notable Event’s Urgency level can help an analyst prioritize which ... </summary> </entry> </feed>
