Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Network logs - Join bytes base on unique ip over time

totaro
Explorer
‎04-04-2019 06:20 PM

Hi,

Im trying to generate a table that consolidate the bytes base on unique IP in a day with netflow logs.
In short, im trying to generate a report for the bandwidth used by each of the unique ip
Any help will be appreciated!
e.g.
Date UniqueIP Bytes
1-1-2019 1.2.3.4 500
1-1-2019 2.3.4.5 600
1-1-2019 3.4.5.6 700
Date UniqueIP Bytes
2-1-2019 11.2.3.4 500
2-1-2019 21.3.4.5 600
2-1-2019 31.4.5.6 700

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

vnravikumar
Champion
‎04-04-2019 07:06 PM

Hi

Give a try

your query..| eval Date=strftime(_time,"%d-%m-%Y") 
| stats sum(Bytes) as Bytes by Date,UniqueIP

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

vnravikumar
Champion
‎04-04-2019 07:06 PM

Hi

Give a try

your query..| eval Date=strftime(_time,"%d-%m-%Y") 
| stats sum(Bytes) as Bytes by Date,UniqueIP
0 Karma
Reply
Solved! Jump to solution

totaro
Explorer
‎04-04-2019 07:10 PM

thanks! it work

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...