What search syntax to search for VPN log history o...

rhazzaguilar · ‎10-01-2013

What search syntax to search for VPN log history of specific user?

lukejadamec · ‎10-01-2013

search index=yourvpnindex sourcetype=yourvpnsourcetype  "*yourspecificuser*"

More information about what you want out of the search would be helpful.

General rules for an efficient search are to be as specific as possible with the search.

lukejadamec · ‎10-01-2013

Can you run a search in the Search App that shows the logs you're interested in?

If so, then do so. Look to the left. The source, sourcetype, and index will be listed. To find the index you might have to scroll to the bottom and select View All.
Post back what you find along with a pretend user name.

rhazzaguilar · ‎10-01-2013

if I am using Cisco Anyconnect, what will be my vpnindex and vpnsourcetype?

What search syntax to search for VPN log history of specific user?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

What search syntax to search for VPN log history of specific user?

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem