Splunk Notes: Difference between revisions

From Federal Burro of Information

Revision as of 21:08, 7 May 2013

  host="10.35.12.1" | stats count by action, host

Fortigate by country:

  host="10.35.12.1" | stats count by src_country

Log lines by time:

  host="10.35.12.161" | chart count by _time

Equivalent of grep -v (exclude events containing "slapd"):

  host="10.35.12.161" NOT "slapd"