Instead of typing in each host one by one in the data field to see when it was last updated, is there a way to run a command search to show me, lets say, all 50 hosts on my network with the last date it was powered on and talked to the gateway/router/network? I want to be able to quickly find all machines that have not been turned on in a while to see if those machines are standalone or machines that are no longer used and can be removed. Is there an event code for sourcetype=network IP access?
... View more