Splunk Notes: Difference between revisions

From Federal Burro of Information
Jump to navigationJump to search
No edit summary
No edit summary
Line 9: Line 9:


  host="10.35.12.161" | chart count by _time
  host="10.35.12.161" | chart count by _time
grep -v
host="10.35.12.161" NOT "slapd"

Revision as of 21:08, 7 May 2013

host="10.35.12.1" | stats count by action, host

Fortigate by country: 

host="10.35.12.1" | stats count by src_country

log lines by time 

host="10.35.12.161" | chart count by _time

grep -v 

host="10.35.12.161" NOT "slapd"
Retrieved from "https://wiki.quadratic.net/index.php?title=Splunk_Notes&oldid=1651"