I want to search "August 2018 activity on machine DNS-DC-01"
Could you please help me, how to use metadata for particular host ?
I do not have any idea.
thanks in advance
you can try like :
| metadata type=hosts index=* |search host="DNS-DC-01"
you car refer this link for more information about metadata command: https://docs.splunk.com/Documentation/Splunk/7.3.2/SearchReference/Metadata
| metadata index=* type=hosts
| search host=DNS-DC-01
Please convert your comment to an answer and "Accept" it if you feel this answers your question.
But I did not see any data.