Splunk Enterprise Security

How to gather total amount of traffic from the Radware DDOS app?

k115
Engager

Hi guys,

I have configured radware DDOS app into splunk,

I want gather the total amount of traffic from the DDOS app in splunk ( the traffic seems like an attack ) in GB.

the sample query like this.

index="security" sourcetype=DefensePro action="*" policy=* | 'Top_attack_types(*)'



how do I come up with this.

Labels (2)
Tags (3)
0 Karma
Get Updates on the Splunk Community!

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...

Credit Card Data Protection & PCI Compliance with Splunk Edge Processor

Organizations handling credit card transactions know that PCI DSS compliance is both critical and complex. The ...

Stay Connected: Your Guide to July Tech Talks, Office Hours, and Webinars!

What are Community Office Hours?Community Office Hours is an interactive 60-minute Zoom series where ...