What is Hunting? I can't tell you how much I hate this question and yet here I am. Poking the bear again. Let's make this quick.
Get an alert from SIEM? That's Triage. Triage turns into confirmation? That's called Incident Response and there's a whole other set of guidelines and processes for that.
Hunting is looking at ways for Evil to do Evil things on your network. This is where cultivated experience and shared expertise come in. Hunting is where nothing is still something. This is where Methodology is born, transformed, refined, burned down and born again. Hunting is a Phoenix, continuously rising from its own ashes.
Maybe I watched Harry Potter last night, so what? Why you asking cop questions? Till next time.