Hi jitendragupta,
I use this search to list all connections, see if it answers to your need.

index=_internal sourcetype=splunkd_ui_access user!="-"    
| stats earliest(_time) AS StartTime latest(_time) AS EndTime count by user date_mday    
| join type=left user         [        
     | rest /services/authentication/users                
     | rex field=id "https:\/\/127.0.0.1:8089\/(\w+\/)+(?<user>\w+)"                
     | rename realname AS Name               
     | fields user Name
      ]    
| search Name=*    
| eval         
     Duration=tostring(EndTime-StartTime,"Duration"),        
     StartTime=strftime(StartTime,"%d/%m/%Y %H.%M.%S"),        
     EndTime=strftime(EndTime,"%d/%m/%Y %H.%M.%S")    
| sort Name
| table Name StartTime EndTime Duration

Bye.
Giuseppe