Top 10 most active Users in Linux

linux_secure
SplunkNinja
You already voted!

The following splunk query example will return the top 10 most active users in a given time range

sourcetype=linux_secure | rex "\suser[^'](?<User>\S+\w+)" | top limit=10 User

Share This:

Tagged: linux audit Linux Users top 10

Leave A Comment? Click here to cancel reply.

Newest | Active

Sanjai

Active 10 hours, 25 minutes ago
bewafaha

Active 2 days, 19 hours ago
sadloveshayari

Active 3 days, 17 hours ago
hivatatt

Active 1 week ago
yogesh shingate

Active 1 week, 1 day ago