Ad slot: top
GoSplunk SPL + dashboard repository
Log in Register

SPL

Most Active Day and Least Active Day for IIS Web Traffic

IIS
0 0

Description

Submitted by SplunkNinja

The following Splunk query will return the most active and the least active days for web traffic in an IIS environment: 
sourcetype="iis" | bucket span=1d _time | top limit=1 _time | eval Date=strftime(_time, "%m/%d/%Y") | eval Metric="Most Active Date" | append [ search sourcetype="iis" | bucket span=1d _time | rare limit=1 _time | eval Date=strftime(_time, "%m/%d/%Y") | eval Metric="Least Active Date"] | fields - _time, count, percent | fields Metric, Date

Comments

0 total

Be the first to comment on this SPL.

Leave a comment

You must log in to post a comment.

Ad slot: bottom