Solved: How to get Splunk access statistics

snevarezh · ‎11-28-2011

We need to provide Splunk user access statistics:

How many user accessed splunk the last month
How many times a specific user acceded to splunk
Top 10 users who acceced to splunk
Top 10 prefered searches

and that kind of reports

MHibbin · ‎11-29-2011

There are also some nice features in the S.o.S (Splunk on Splunk) App around user activity. It was released by Splunk and as such is also supported, it's available here http://splunk-base.splunk.com/apps/29008/sos-splunk-on-splunk. Once installed you can then go to "Search >> UI and User Search Activity". It also has a load of other helpful features for troubleshooting.

View solution in original post

MHibbin · ‎11-29-2011

There are also some nice features in the S.o.S (Splunk on Splunk) App around user activity. It was released by Splunk and as such is also supported, it's available here http://splunk-base.splunk.com/apps/29008/sos-splunk-on-splunk. Once installed you can then go to "Search >> UI and User Search Activity". It also has a load of other helpful features for troubleshooting.

sdwilkerson · ‎11-28-2011

Snvarezh,

Much of what you are looking for is part of a dashboard built-in to the search app.

Go to the search app
On the top navigation, click on status|search activity and look the the data returned by the listed dashboards

Beyond what is there, you can click on view results to get more detail or otherwise tweak the search to more specifically find what you need.

Best,
Sean

How to get Splunk access statistics

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

Splunk Community Badges!

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Join the Conversation