There was a time when security analysts trawled through packet capture and log files trying to identify and diagnose potential intrusions. Looking for a cyber attack within these log files was often likened to trying to find a needle in a haystack.
However, I believe it would be more accurate to say that hunting for an unknown cyber intrusion is more like looking for an unknown needle-sized object that had been broken into pieces and scattered in a large haystack.
