Hi there,
I am new to Splunk. Our NOC team wants to monitor the bandwidth (incoming and outgoing) on the 2 routers that connect to the service provider. We want the search to be saved as a dashboard that refreshes every 15 minutes. Kindly help with the search query that I can use in the Search & Reporting app.
ov 8 08:55:01 0.0.0.0 name_of_device: 1171348: Nov 8 09:16:12.046 CAT: %SW_DAI-4-DHCP_SNOOPING_DENY: 1 Invalid ARPs (Res) on Gi1/0/40, vlan 110.([0000.0000.0000/0.0.0.0/0000.0000.0000/0.0.0.0/09:16:11 CAT Fri Nov 8 2019])
Nov 8 08:54:51 0.0.0.0 2019 Nov 8 08:54:12.001 CAT: %L2FM-4-L2FM_MAC_MOVE: Mac 0000.0000.0000 in vlan 1000 has moved from Po12 to Po300
Nov 8 08:54:36 name_of_device acllogs: Info: 1573196075.332 0 0.0.0.0 TCP_DENIED/407 0 POST http://name_of_device/SMS_FSP/.sms_fsp - NONE/- - OTHER-NONE-Fcon-NONE-NONE-NONE-NONE-NONE <-,-,-,"-",-,-,-,-,"-",-,-,-,"-",-,-,"-","-",-,-,-,-,"-","-","-","-","-","-","-",0.00,0,-,"-","-",-,"-",-,-,"-","-",-,-,"-",-> -
Thanks in advance.