Data model Acceleration Details

This Splunk Search shows you a lot of good information about your data model acceleration and performance.

 

Continue Reading →

Splunk CIM Assist

Got tired of having to go through each data source to determine what indexes should go into the Splunk_SA_CIM search macros, this does the leg work.

Continue Reading →

Listing Data models

Continue Reading →

Find success login after 10 failures with streamstats

If you have the Authentication data model configured you can use the following search to quickly find successful logins after 10 failed attempts!

Continue Reading →

Search Traffic by Source IP

GoSplunk Admin Notes: If you have a data model enabled that matches the search below, this might work for you!

Continue Reading →