Reporting
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Pivot with Palo Alto Data

ronaldlb
Explorer
‎06-18-2014 08:11 PM

HI

Can anyone help me with pivot tables in Splunk I am trying to get Palo Alto data to work but it does not give me the report I need. I am looking for user name with time they have visited website and session.

I have this in palo alto but I want a dashboard type experience so I know splunk can do it.

Regards

Ronald

Tags (3)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

btorresgil
Builder
‎06-20-2014 08:27 AM

The Splunk for Palo Alto Networks App has a data model and dashboards built in. There is a dashboard called Web Activity Report that has the websites, you could easily add users to the panels. Or you can use a pivot to build your own by clicking 'Settings' at the top right, then 'Datamodel', select the Palo Alto Networks Logs data model, and click 'Pivot'. Here you can build a pivot with the fields 'user' and 'dst_hostname' to get the report you want.

Splunk for Palo Alto Networks App:

http://apps.splunk.com/app/491/

View solution in original post

Reply
Solved! Jump to solution
Solution

btorresgil
Builder
‎06-20-2014 08:27 AM

The Splunk for Palo Alto Networks App has a data model and dashboards built in. There is a dashboard called Web Activity Report that has the websites, you could easily add users to the panels. Or you can use a pivot to build your own by clicking 'Settings' at the top right, then 'Datamodel', select the Palo Alto Networks Logs data model, and click 'Pivot'. Here you can build a pivot with the fields 'user' and 'dst_hostname' to get the report you want.

Splunk for Palo Alto Networks App:

http://apps.splunk.com/app/491/

Reply
Solved! Jump to solution

ronaldlb
Explorer
‎06-20-2014 08:51 AM

Thank you for your help.

0 Karma
Reply
Solved! Jump to solution

splunker12er
Motivator
‎06-20-2014 06:30 AM

Pivot option is very much helpful to present or generate a dashboard or statistical report from a data source.
You first need to create a proper data model before you pivot. (field extractions, automatic fields, etc..)
Try the sample pivot data models available in your Search application , so you will able to grasp some ideas on its usage.
you have options to transpose the data, stats , etc.. things you are deriving from search query.. you can able to do it graphically in pivot.

0 Karma
Reply
Solved! Jump to solution

ppablo
Retired
‎06-19-2014 04:41 PM

Hi Ronald,

Have you been using the app Splunk for Palo Alto Networks?
http://apps.splunk.com/app/491/

0 Karma
Reply
Get Updates on the Splunk Community!

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

The Transformative Power of AI and ML in Enhancing Observability   In the realm of IT operations, the ...

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...