Hello, Splunk newbie here. I've been researching this for several days trying several queries and I can't zero in on what I am looking for.
I am trying to develop a dashboard that shows the top 20 internal IPs with,
Like I said, tried several different ways to get this but I can't seem to put all the pieces together.
Thanks and much appreciated!
IIRC, the Splunk Security Essentials app has examples of all of those.