Find duplicate events

Hygiene
gr33nlant3rn
You already voted!

index=<specify index>
| eval x=sha256(_raw)
| stats count values(host) values(source) values(sourcetype) values(index) by x
| where count>1

Share This:

Tagged: duplicate hash

Leave A Comment? Click here to cancel reply.

Newest | Active

Iryna

Active 20 hours, 36 minutes ago
tenderpale6

Active 1 day, 3 hours ago
theproducer

Active 1 day, 8 hours ago
selljacket4

Active 1 day, 17 hours ago
gulzarshayari

Active 2 days, 3 hours ago