Thanks Someoni2, thats very helpful.
Hi Martin,
This is my inputs.conf posted.
[default]
host = mahmud-X551CA
[tcp-ssl:]
[tcp:192.168.1.88:23]
Which I think may have been incorrect accroding to the file that someoni2 posted.
And sorry for the bad description of look at an IP adress. I should of said look for any data recieved from a specific IP Address.
I am currently doing a university project and I am trying to find out how Splunk can alert me if any connections or data is received from specific IP addresses without using any apps.
Thanks.
... View more