Ad slot: top
GoSplunk SPL + dashboard repository
Log in Register

SPL

Search Traffic by Source IP

datamodels

Description

Submitted by pradeep577

GoSplunk Admin Notes: If you have a data model enabled that matches the search below, this might work for you!
2 0 
| datamodel Network_Traffic All_Traffic search | search All_Traffic.src_ip=10.x.x.x | stats count by All_Traffic.src_ip, All_Traffic.dest,All_Traffic.action, dstcountry | dedup All_Traffic.dest

Comments

0 total

Be the first to comment on this SPL.

Leave a comment

You must log in to post a comment.

Ad slot: bottom