Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Network logs - Join bytes base on unique ip over time

totaro
Explorer
‎04-04-2019 06:20 PM

Hi,

Im trying to generate a table that consolidate the bytes base on unique IP in a day with netflow logs.
In short, im trying to generate a report for the bandwidth used by each of the unique ip
Any help will be appreciated!
e.g.
Date UniqueIP Bytes
1-1-2019 1.2.3.4 500
1-1-2019 2.3.4.5 600
1-1-2019 3.4.5.6 700
Date UniqueIP Bytes
2-1-2019 11.2.3.4 500
2-1-2019 21.3.4.5 600
2-1-2019 31.4.5.6 700

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

vnravikumar
Champion
‎04-04-2019 07:06 PM

Hi

Give a try

your query..| eval Date=strftime(_time,"%d-%m-%Y") 
| stats sum(Bytes) as Bytes by Date,UniqueIP

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

vnravikumar
Champion
‎04-04-2019 07:06 PM

Hi

Give a try

your query..| eval Date=strftime(_time,"%d-%m-%Y") 
| stats sum(Bytes) as Bytes by Date,UniqueIP
0 Karma
Reply
Solved! Jump to solution

totaro
Explorer
‎04-04-2019 07:10 PM

thanks! it work

0 Karma
Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...