Hello, Splunk newbie here. I've been researching this for several days trying several queries and I can't zero in on what I am looking for.
I am trying to develop a dashboard that shows the top 20 internal IPs with,
1. highest # of connections
2. longest connections
3. sending the most data
Like I said, tried several different ways to get this but I can't seem to put all the pieces together.
Thanks and much appreciated!
↧