Ad slot: top
GoSplunk SPL + dashboard repository
Log in Register

SPL

Count of Unique Users in a Linux Environment

linux_secure

Description

Submitted by SplunkNinja

This splunk query will return the total number of unique users in a given time range.  
1 0 
sourcetype=linux_secure | rex "\suser[^'](?<User>\S+\w+)" | stats dc(User)

Comments

0 total

Be the first to comment on this SPL.

Leave a comment

You must log in to post a comment.

Ad slot: bottom