I have configured radware DDOS app into splunk,
I want gather the total amount of traffic from the DDOS app in splunk ( the traffic seems like an attack ) in GB.
the sample query like this.
index="security" sourcetype=DefensePro action="*" policy=* | 'Top_attack_types(*)'
how do I come up with this.