
Comment Congress does not understand, yet again. (Score 2) 189

Congress loves to pass laws regarding "cyber security" without understanding a thing about it. Forget that most attacks are through compromised devices anymore, or via cloud hosts. Most companies that get "hacked" are that way due to poor security in the first place. To think they would be smart enough or robust enough to turn around and hack the people who hacked them, is pure stupidity. Recall that FISMA was supposed to stop the government PCs and networks from being hacked, but it did not, nor did it stop stolen devices from being compromised. SIPR and NIPR were supposed to be separate, but in many cases they run on the same network gear. Congress should get a real CISO in there, to help teach them what security is, before they try any more laws regarding it.

Comment Case to skip it all together (Score 1) 370

Wow. If they want me to go see movies more, then make the cost be reasonable and less confusing for people to pick where to go.

For example, in my area, there are 5 AMC theaters close by. Each one has at least 4 ways to see movies, some have 6. On their site, it's hard to tell sometimes what the difference is, other than 2 are for 3D movies and 2 are for "regular" (or 3 and 3 for the 6 theater). So I decide I want to see the noon showing of movie X. That used to be a lower cost. Nope, not anymore; that is now $10 for cheap / lowest end viewing. You want Atmos (spelling?) sound, that is $15. IMAX is $17. Real 3D is $17.50 and IMAX 3D is $18.50. This does not count the new GDX or 4K that they are offering....

Oh you want a 32 oz drink, that is $10....

So for me to see the cheap movie X, I am out $25 right off the bat. Oh but wait, you have a new fee (they did get new reserved seating) which is $1.50 per seat, and you have to pay 9% tax on all three items (movie, drink, and seat fee), since the local market hits you with 2% more for "entertainment" and "food". So it's almost $30.

Easier to wait, and go big, buying the Bluray/DVD/Digital copy, and still save money.

Last year, before all the theaters upgraded, we were able to see a movie for $5, and get a soda for $5 (still a little high, but that is at least bearable).

Comment Re:Goodbye Karma (Score 2) 470

Your post was good and well defined. So the question I pose to you, what if the women seeking services are NOT in fact Christians or of the same faith as you? Most of the debates I have heard are how "God would not want this", which means that non-Christians are having Christian beliefs forced upon them. In this nation of freedom to believe whatever religious ways you wish, at what point do we stop using a book to force views upon others??

By that same token, using the book to say "This is God's will" (or other similar statement) begs the alternative questions. IF it's God's will and we are created by him to fulfill his desires, why did he not prevent the creation of abortion? Why does he not just stop the process from working?

Comment Re: Coming from an information security academic (Score 1) 88

Actually, I understand exactly what a Search Head cluster (put it behind a Load Balancer to handle the traffic, not the DNS round robin) with multiple Search Heads does. It allows you to share all your user load over several servers, which does help performance, when some people are doing huge searches and some just want to watch a dashboard. Beyond that, not everyone understands that separating your apps over multiple search heads actually helps as well. DBConnect for instance, if you have that on a SH with some other apps, you have a lot of back end work, which will lower your performance. Of course, using Heavy Forwarders to gather data and do some preparsing helps even better.

Having used numerous other SIEM or Log aggregation tools on the market over the last 10 years, I can say that Splunk does scale better than any other commercial SIEM. It also allows you to take any data feed and get results and mappings faster with a lot less work. But just as with any other SIEM, you have to plan out your install and run before you build it or you will kill your performance.

You also have to understand the search formatting. The order of things like Deduping data (or using the NOT perm in a search) matters with Splunk, and affects your performance big time.

As for your statement "Here you are talking about separating search-heads from indexers and you should know that most customers already have small clusters with that separation, and yes performance still sucks." This is contrary to what I have heard. Of the people I know who run Splunk, many did not separate out their install until a year or so into the install. This I think is a failing of the Splunk documentation for real world load. Once you go beyond the 10 gig a day license you MUST separate the servers to keep performance higher. Just like how you should not put ES and the PCI app on the same server (even though it's supported).

The SIEMs that use a SQL backend (like LogRhythm) cannot return data as fast as Splunk, nor are they as versatile in allowing searches.

Comment Re: Coming from an information security academic (Score 1) 88

It seems you do not understand how Splunk runs entirely. Running the same searches over and over does nothing to improve performance. It's when you "accelerate" them or add them to a summary index that speeds it up. In a VERY real world environment, I search millions of records many times an hour, depending on what I am looking for or the request I get. Some of these are even over several (or all) of my indexes. Currently my install averages 130 million records a day, from about 15 different source feeds (with many source types per, such as Network gear). When I run some monthly data that is a LOT of records, which pulls in minutes or less.

I would suggest reviewing your SOW with their professional services and asking them to build you out an Index and Search Head cluster. Heck even just separating the search head and indexes to separate servers will improve your performance.

Comment Re: Coming from an information security academic (Score 1) 88

Sounds like you do not have your build set up correctly. If you scale out Splunk correctly, 3 8 core / 8 gig of ram boxes in a Search head cluster, can pull MILLIONS of records in seconds. We went from 2 indexers and one search head, to an Index cluster and Search head cluster, and noticed a 1000% increase in performance. Also pulling in billions of log records a day with no issues. All of our indexers are recycled servers that were EOL.

Comment Re:Like 'World of Warcraft' (Score 3, Informative) 168

Um, but WoW has been going for over 10 years, and still has a higher number of players than any other MMO out there. Most MMOs still wish they were even a fraction as successful as WoW.

This is the first big name AR game, and I am guessing that it will get better, and be copied, just like WoW was.

Comment Re:Why doesn't an IP address prove something? (Score 2) 164

It would definitely be harder to show that you were innocent if the VPN service is in your name. While not impossible for someone to hijack a VPN connection, my personal opinion is that such an argument without proof would be an uphill battle in court. Note: I am not a lawyer.

So, having been to court many times, both with a lawyer and acting Pro Se, I can assure you that (in civil court at least), it HAS to be proven that it was actually YOU who did it. A log by itself is not enough.

What I mean by this, a cell phone in my name, could be left on the counter and a child could have used it to make a phone call. While that is my phone and in my name, no one witnessed the call, and the log file cannot attest to it having been me making that call.

Not sure about criminal court, but the rules of evidence are the same, so would have to assume that someone would have to witness you doing it or provide attestation that it was truly you. Which would be hard in this case.

Comment Re:Why doesn't an IP address prove something? (Score 5, Insightful) 164

I'm a Network Engineer and I have worked in the I.T. field for 30 years. I specialize in computer forensics.

This is completely correct. In this age of cyber attacks, malware, ransomware, viruses, and hacks, it is very common for somebody else to seize control over a computer remotely and make your computer do things without your noticing it or leaving any trace.

Anybody ever accused of such a crime should remember that a vast majority of cases depends on an admission of guilt. A VAST majority. In fact, the only ones that don't are the few cases with absolutely no doubt, rock solid evidence of who was "driving", and what they were doing, and that only happens if a person is completely stupid.

FYI, a VPN connection provides proof that YOU were the person driving since it's password protected and paid for with your credit card.

Really, a VPN connection can only be established by you?

Yet if someone else already has access and control of your pc, likely with a keylogger on the pc, what stops them from using the VPN as you? Nothing, that is what.
