...he values.
I created a query in the calculated fields that should translate all the values in the Action field to the strings allowed and blocked as supposed to be in the NetworkTraffic Data Model....
Hello Everyone,
I am trying to find outliers in connection duration on a specific subnet but having trouble getting the outliers part to show any results. I want to get avg duration of all traffic...
I currently have Splunk Enterprise on prem and want to move to the Cloud. Do we have to have a separate syslog server to collect all networktraffic and have forwarders to send them to Splunk cloud i...
Hi,
I installed the PAVO NetworkTraffic App for Splunk for Splunk Enterprise 8.0 (60 day trial), but I do not see any data on the dashboard.
I just started Splunk 2 weeks ago.
I already installed S...
I am trying to search the NetworkTraffic data model, specifically blocked traffic, as follows: | tstats summariesonly=true allow_old_summaries=true count from datamodel="Network_Traffic"."A...
...ould be the reason for this? Troubleshooting attempts made: 1. Confirming with network team that rules are in place. 2. TCP Dump from the dest (HF), packets received. 3. Telnet from UF to dest (9...
Hi all,
Kindly help to modify Query on Data Model networktraffic, I have built the query index=firewall sourcetype="traffic" | stats ,values(dest_port) as d...
I would like to be able to take a general baseline of packet count by source IP address (internal) and source port during a particular point in time and alert when a single IP has a single source por...