|
1 |
sourcetype=postfix_syslog host=insertHostnameHere status=sent | timechart span=1d count |
Total number of sent emails per day. Using it for Linux servers that use the Postfix mta.
Nr. of unique visitors per hour timechart
|
1 |
host=insertHostnameHere sourcetype=access_combined | timechart span=1h dc(sourceIP) |
If you have Fieldextraction for the visitor IP’s, in this example named ‘sourceIP’, this simple query will list the number of unique visitors per hour
Worldmap with unique visitors last 24 hours
|
1 |
sourcetype=access_combined | iplocation sourceIP | stats dc(sourceIP) by Country | geom geo_countries featureIdField="Country" earliest=-24h |
Note that ‘sourceIP’ is the name for the IP field. You may already have another fieldname for that extraction. Tested on Splunk Light.
