Big data security analytics is an emerging approach to intrusion detection at the scale of a large organization. It involves a combination of automated and manual analysis of security logs and alerts from a wide and varying array of sources, often aggregated into a massive (\"Big\") data repository. Many of these sources are host facilities, such as intrusion-detection systems and syslog, that the authors generically call Security Analytics Sources (SASs). Security analytics are only as good as the data being analyzed. Yet nearly all SASs today lacks even basic protections on data collection.