Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Pivot with Palo Alto Data

ronaldlb
Explorer
‎06-18-2014 08:11 PM

HI

Can anyone help me with pivot tables in Splunk I am trying to get Palo Alto data to work but it does not give me the report I need. I am looking for user name with time they have visited website and session.

I have this in palo alto but I want a dashboard type experience so I know splunk can do it.

Regards

Ronald

Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

btorresgil
Builder
‎06-20-2014 08:27 AM

The Splunk for Palo Alto Networks App has a data model and dashboards built in. There is a dashboard called Web Activity Report that has the websites, you could easily add users to the panels. Or you can use a pivot to build your own by clicking 'Settings' at the top right, then 'Datamodel', select the Palo Alto Networks Logs data model, and click 'Pivot'. Here you can build a pivot with the fields 'user' and 'dst_hostname' to get the report you want.

Splunk for Palo Alto Networks App:

http://apps.splunk.com/app/491/

View solution in original post

Reply
Solved! Jump to solution
Solution

btorresgil
Builder
‎06-20-2014 08:27 AM

The Splunk for Palo Alto Networks App has a data model and dashboards built in. There is a dashboard called Web Activity Report that has the websites, you could easily add users to the panels. Or you can use a pivot to build your own by clicking 'Settings' at the top right, then 'Datamodel', select the Palo Alto Networks Logs data model, and click 'Pivot'. Here you can build a pivot with the fields 'user' and 'dst_hostname' to get the report you want.

Splunk for Palo Alto Networks App:

http://apps.splunk.com/app/491/

Reply
Solved! Jump to solution

ronaldlb
Explorer
‎06-20-2014 08:51 AM

Thank you for your help.

0 Karma
Reply
Solved! Jump to solution

splunker12er
Motivator
‎06-20-2014 06:30 AM

Pivot option is very much helpful to present or generate a dashboard or statistical report from a data source.
You first need to create a proper data model before you pivot. (field extractions, automatic fields, etc..)
Try the sample pivot data models available in your Search application , so you will able to grasp some ideas on its usage.
you have options to transpose the data, stats , etc.. things you are deriving from search query.. you can able to do it graphically in pivot.

0 Karma
Reply
Solved! Jump to solution

ppablo
Retired
‎06-19-2014 04:41 PM

Hi Ronald,

Have you been using the app Splunk for Palo Alto Networks?
http://apps.splunk.com/app/491/

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...

Transform your security operations with Splunk Enterprise Security

Hi Splunk Community, Splunk Platform has set a great foundation for your security operations. With the ...

Splunk Admins and App Developers | Earn a $35 gift card!

Splunk, in collaboration with ESG (Enterprise Strategy Group) by TechTarget, is excited to announce a ...