Hi
I have a "Saved Report" (Named- GetIP), which finds unique IP passed through firewall for th Last 30 days. It reports data approximately 5,000,000 rows.
Search is like this:
index=myIPIndex | stats max(_time) as LastSeen,Count by foundIP | convert ctime(LastSeen) | sort -LastSeen
I am using C# SDK 2.0. Can someone provide working example to retrieve all 5,000,000 rows? I am getting only first 10,000 rows which is max row defined by Splunk.
Thanks
↧