Hey team,
I have one requirement i.e have to Create a splunk dashboard to report the # of Logins , # of Logouts
The input for the Splunk report should be as follows :
Input dropdown - Time Picker, Customer, Host Name
Either identify using probe data or Splunk Command metrics
Output for the following metrics should be shown as a timegraph with # of logins, logouts ,
the graph should consists of time,which host and which customer we are using.and the query also should have the tokens when i ran the query can you give me the search query for this requirement.I used multiple queries but am not getting the exact data.
Can you help me with the query.Thanks.
Hi @anu1
,the dashboard is very easy, but it requires a preparation that depends on the number of data sources that you want to display in this dashboard.
In few words, you should:
tag=$tag$ host=$host$ UserName=$user$
| table _time tag HostName UserName IP_Source
the three tags in the main search come from three inputs.
Let me know if you need help to create the dashboard that's very easy.
Ciao.
Giuseppe
Sure.Thank you.
Hi @anu1 ,
let us know if we can help you more, or, please, accept one answer for the other people of Community.
Ciao and happy splunking
Giuseppe
P.S.: Karma Points are appreciated by all the contributors 😉
Please share the search so far and some sample data then we might be able to help you with the search query.