I would say correlations of malware (virus across multiple systems, recurring malware) If you have GTI suscription or any blacklist to see if a machine connects to a bad reputation IP. If you are enforcing DNS on machines there is a correlation when someone tries to connect to another DNS.
You can also take a look at the content packs if any of those make sense to you and you have the needed devices .
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.