Explore practical strategies for baselining security log and event data in this BSidesLV conference talk. Delve into the importance of establishing normal patterns, hunting for anomalies, and effectively managing log data. Learn about normal and non-normal distributions, Windows event rates, and techniques for visualizing data. Discover how to identify and handle outliers using methods like QQ plots and the Three Sigma Rule. Examine real-world use cases, including RDP access analysis, and understand the requirements and event sources for effective baselining. Gain insights into log reduction techniques and weekend data patterns. Equip yourself with the knowledge to create meaningful baselines and enhance your security monitoring capabilities.