Hi, I have a search -
index=ABC sourcetype=XYZ
| stats values(user), dc(user) as usercount by region
| eval region = region." (".usercount.")"
| fields - usercount
| transpose...
I'm trying to create a report that will show me users who accessed a website (linkedin.com) . Fairly straight forward, but I am not the best dashboard / report creator. Using what I have from our ent...
To meet an internal security requirement I must encrypt data at rest in some locations. I'd like this data in Splunk but must obviously decrypt it first. I see three possibilities.
1) Decrypt be...
...oughly 4 rotations worth of data a day. We also see regular messages lining with the extractions that we're exceeding the thruput maxKBps limit, which right now is at the default. From rough napkin math t...