Last active
December 18, 2019 16:20
-
-
Save neilstuartcraig/b1532e63b8080616ea26 to your computer and use it in GitHub Desktop.
List all hosts (servers, network appliances etc. including those whose hostname is just an IP address) which have at least 1 event logged into Splunk in the last 24 hours.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| index=* earliest_time=-24h host=* | eval h=lower(host) | stats values(h) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello Team,
I am new to Splunk, One of my clients give me the access to his Splunk, I need to search for the error logs but I don't have the Hostname or IP address of any of the production server, is there any way I can find the hostname and IP address from the query.