Dashboards & Visualizations
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to create a dashboard to show the use activity

Mfmahdi
Path Finder
‎08-13-2023 06:48 AM

How to create a dashboard to show the activities of the users specially uploading files. Kindly

 

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-20-2023 10:34 PM

Can you find by looking through your logs any data which indicates the behaviour you are looking for?

View solution in original post

0 Karma
Reply
Solved! Jump to solution

VatsalJagani
SplunkTrust
SplunkTrust
‎08-14-2023 12:25 AM

@Mfmahdi - You can start by searching below into your internal logs, which has both file names that were uploaded and user names who uploaded it.

index=_internal "/services/receivers/stream"

 

From here you have to first complete the search query and click on save as dashboard from your search page.

 

I hope this helps!!!

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-13-2023 10:11 AM

What events have you ingested into Splunk?

0 Karma
Reply
Solved! Jump to solution

Mfmahdi
Path Finder
‎08-14-2023 01:18 AM

we logs from linux and windows but most of our servers they are linux @ITWhisperer 

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-14-2023 01:33 AM

Please share some anonymised examples of the events you are interested in

0 Karma
Reply
Solved! Jump to solution

Mfmahdi
Path Finder
‎08-14-2023 03:31 AM

I 'm not allowed to search any logs. but what we are looking for is a dashboard that show is any user is uploading files in our environment @ITWhisperer  

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-14-2023 03:37 AM

How do you propose to detect whether a file has been uploaded if you don't have access to any logs?

Please describe your environment in a bit more detail and what capabilities you do have.

0 Karma
Reply
Solved! Jump to solution

Mfmahdi
Path Finder
‎08-20-2023 05:31 AM

we do have access to all the logs, we have PowerShell , sysmon and linux ...

we need to know is any user is uploading file through PowerShell or sysmon or any data source that usually the SOC can monitor. we need to create a dashboard that shows any files activity @ITWhisperer thank you in advance 

0 Karma
Reply
Solved! Jump to solution
Solution

ITWhisperer
SplunkTrust
SplunkTrust
‎08-20-2023 10:34 PM

Can you find by looking through your logs any data which indicates the behaviour you are looking for?

0 Karma
Reply
Get Updates on the Splunk Community!

Developer Spotlight with William Searle

The Splunk Guy: A Developer’s Path from Web to Cloud William is a Splunk Professional Services Consultant with ...

Major Splunk Upgrade – Prepare your Environment for Splunk 10 Now!

Attention App Developers: Test Your Apps with the Splunk 10.0 Beta and Ensure Compatibility Before the ...

Stay Connected: Your Guide to June Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...
Top