The following Splunk query example will return the top 10 most active hosts in a given time range. "Active" in this instance is determined simply by the number of log entries. *NOTE*: if the host field is being auto-extracted (for instance, if you are using a universal forwarder), you will not need the regex command and […]