Splunk Search

How to get a logging hours report of the employee in splunk

mputtam
Path Finder

Hi Community,

I Need to find the login hours of the user/employee. Did we see those results in splunk...? Please help me out on this.

Thanks...

Labels (3)

inventsekar
Super Champion

Hi @mputtam You have to provide us few more detailed information.. which application your employee's use to login? are those app login details/logs are ingested into splunk? 

index=<employee email id> --- is generally a wrong process. 

 

index=login-app employee=emp-mail-id (or emp=emp-id or something...) is the right method. 

 

(i have given around 300 karma points so far received badge for that,.. maybe you also give karma points if a post helped you, thx)

PS ... If any post helped you in any way, pls give a hi-five to the author with an upvote. if your issue got resolved, please accept the reply as solution.. thanks.
0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

Logged into where? What data do you have in splunk to help you determine this?

0 Karma

mputtam
Path Finder

Hi,

I believe that Logged in to applications or hosts will be helpful.  If you have any other views that would be helpful to short it out this issue.

 

Thanks...

0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

OK so what data do you already have in splunk?

0 Karma

mputtam
Path Finder

I had written " index=* <user email address> " in the search head which is not useful to me. help me out is there any other way to find the logs.

one of our employee is going to be terminated so we need to monitor the user login hours.

0 Karma

ITWhisperer
SplunkTrust
SplunkTrust

I am afraid I can't help you unless you explain what data you have in splunk. Imagine I asked you to find all the mentions of the name John on my bookshelf. How would you do that? Oh and I also want you to check all the books I have stacked on the floor, but you could only look at them if I put them on the shelf?

0 Karma
Get Updates on the Splunk Community!

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...

Security Highlights | January 2023 Newsletter

January 2023 Splunk Security Essentials (SSE) 3.7.0 ReleaseThe free Splunk Security Essentials (SSE) 3.7.0 app ...