Hello,
I am new to Splunk and I need to get a report showing Firewall transactions with source IP and source port, destination IP and destination port in a table format.
Please help and advice
Something like:
index=firewall | stats count by src, dest, dest_port, src_port
Something like:
index=firewall | stats count by src, dest, dest_port, src_port
Thank you so much. You rock
It works. Thank you