Hi
i am new to splunk and TH
I want to understand how can i check which all logs are being ingested in my clients splunk architecture
Also , is there a way i can look at clients network architecture from splunk?
Thanks in Advance
Hey @SonakshiRaiTH,
Try running the below query for a short time period. It'll help you identify all the logs that are coming to Splunk or getting monitored by Splunk.
index=_internal source=*.log
| stats count by source
You can check the monitoring console of the environment to have the overview of the Splunk architecture.