Newbie here with Splunk searching and regex...
I've been tasked to geo map out email activity across the company based on user locations along with the top communicators. They already have data in Splunk (index=msexchange). If anyone has done this or knows how I can map this data out (from index=msexchange), that would be great!
Additional possibly interesting fields:
sender
recipients
original_client_ip
recipient_count
Thanks for any help!