How do I create a search that would display:
The time, user, hostname, and URL those a list of users are visiting.
Not understanding what you're asking for. Are you looking for indexers, source/sourcetype.. etc ?
The events themselves, for example, lines from a log that has been ingested - how you identify users, url, host - or do you already have these fields?
| table _time hostname user url
I have a list of host name I want to search. Basically, with these users, i will to be able to search on what URL's they go to. when they go to them...etc. This is in a secure environment.
Start with some training/tutorials, or perhaps some of the example dashboards and see how you can adapt them to your situation.
Please can you share a sample of the events you have ingested into splunk?
