how to visualize access_combined in splunk ?

omaromar123 · ‎08-29-2019

i am new on splunk and i just want to monitor my network to test splunk, but nothing seems to work \
i am getting really frustrated and lost
i want to be able to view traffic on my network on splunk on my pc
can someone plz help i would much appreciate it 🙂

solarboyz1 · ‎08-29-2019

That's a pretty broad question. Do you have the data in Splunk? What are you trying to visualize (Access by user, event codes by time, etc..).

Have you looked at/installed the add-on? https://splunkbase.splunk.com/app/3434/

omaromar123 · ‎08-29-2019

i want to vuisualize my networking traffic, like http requests, tcp or udp

omaromar123 · ‎08-29-2019

i will download the add on u provided me to test it out
Thanks X)

Sukisen1981 · ‎08-29-2019

hi @omaromar123
I am assuming you have gone through this - https://docs.splunk.com/Documentation/Splunk/7.3.1/Data/MonitorWindowsnetworkinformation
if you are on windows, can you tell us what error you are facing?

omaromar123 · ‎08-29-2019

yes i have done this but i am not getting any results.
i am on windows and i would like to visualize the network traffic on my pc like tcp traffic, http requests, ..

how to visualize access_combined in splunk ?

Fun with Regular Expression - multiples of nine

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

What’s New & Next in Splunk SOAR

Are you a member of the Splunk Community?

how to visualize access_combined in splunk ?

Fun with Regular Expression - multiples of nine

[Live Demo] Watch SOC transformation in action with the reimagined Splunk Enterprise ...

What’s New & Next in Splunk SOAR