Logs! Packets! NetFlow! So much data but yet we struggle to wade through the volumes of information being captured. There's visual analysis, "behavioral" analysis, and security analytics (whatever that means). This talk isn't going to wade in on those topics. We simply set out to demonstrate an effective means to answer these simple questions (at lightning speeds): Has this happened before? Or more simply, show me what new things are happening. Is it common or rare for this to happen?