Splunk Search

How to generate a search to find which Splunk user and URL is generating queries?

Explorer

I need queries like:

which Splunk user generating the query? Output need [ Username, Time, Search Query]

Which Splunk URL is generating the which queries? Output need [Username, Time, URL (Dashboard), Queries generated in that URL]

And also i need "In that URL the queries are generated by Serialized.

For Example: I have 4 users. i have 10 dashboards. i need to find through search which dashboard generating what queries. How many queries are there in particular Dashboard (URL)

0 Karma

Splunk Employee
Splunk Employee

Hi, I think that a good start for you is to look at Splunk's monitoring console. There is a drop down for Search that will show you a dashboard with lots of panels describing the searches running on your Splunk instance.

It has what searches are being run now. As well as a historical view of the searches.

0 Karma

Explorer

Hi thanks for responding, Your answers giving me partial result only.
based on the above question, through query I need a results like table. The table looks like

User Time dashboard name queries (Particular dashboard have queries)

123 12/01/07 splunk health dashboard All the queries which is related to the dashboard

Could you please give me this kind of result

0 Karma

New Member

how do I run a query to get All Social Medial URL from my network using
Palo Alto

0 Karma