Avatar

Duane Waddle

Engineer

Splunk Security Product Labs (S2PL)

Duane is an engineer in Splunk Security Product Labs, where he focuses on improving Enterprise Security for large, complex customer environments. Previously he worked as a systems administrator, security engineer, and cloud security practitioner. He's built MSSPs, lead Splunk Professional Services engagements, and helped organizations harden and scale their security platforms. Outside of work he writes code, tinkers with electronics and home-lab projects, plays D&D, and happily disappears into whatever technical rabbit hole grabs his attention that week. He’s also on a quest to see a game in every MLB stadium.

Articles

December 12, 2025

SECURITY

Have You Seen My Domain Controller?

2 min read

Windows clients expose Active Directory DNS queries on public Wi-Fi, risking OSINT and credential leaks. Learn from Cisco Live SOC observations how to protect clients with VPNs .

December 12, 2025

SECURITY

In Splunk, Empty Fields May Not Be Null

2 min read

Splunk's coalesce function treats empty fields as non-null. Learn to use Splunk macros to convert empty strings to nulls for accurate data selection and reliable detections.

December 12, 2025

SECURITY

Firewall and Splunk ESCU Integration at the Cisco Live Melbourne SOC

3 min read

Cisco Live SOC adapted Splunk ESCU detections for Cisco Secure Firewall syslog. Learn to modify macros and promote EVE events to incidents for enhanced threat visibility and response.