Does anyone have examples of how to use splunk search to find out bandwidth utilization by top 10 users in GB?
In general, this way.
... | stats sum(bytes) by user
| sort 10 - user
I am looking in to, index=network tag=web. how do I calculate total bandwidth utilization by top 10 users.
In general, this way.
... | stats sum(bytes) by user
| sort 10 - user