Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

AUP Dashboard

PJitsme
Engager
‎10-28-2020 04:37 PM

I am trying to create a dashboard to pull information for AUP. 

 

I typed: index=*panlogs

then thought I would try and filter out action=blocked

 

Any suggestions how I can form string correctly to get this info? 

Labels (1)
Labels
Reply

inventsekar
SplunkTrust
SplunkTrust
‎10-28-2020 07:00 PM

Hi @PJitsme on the splunk training page, the fundamentals 1 training is a free one, at your free time i would suggest you to go thru that, which will be very helpful to you, to create good splunk search queries. thanks.

Reply

bowesmana
SplunkTrust
SplunkTrust
‎10-28-2020 05:26 PM

@PJitsme 

Use one of the examples below, depending on whether you want to include or exclude blocked action events.

index=*panlogs action=blocked

OR 

index=*panlogs action!=blocked
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...

Updated Data Management and AWS GDI Inventory in Splunk Observability

We’re making some changes to Data Management and Infrastructure Inventory for AWS. The Data Management page, ...