Please provide the required code (the search command) for each case, along with instructions (steps) on how to use it in Splunk to complete each task.
Scenario: Your boss wants to know the clients' locations in the following 3 cases.
Tool you have: Splunk software.
The data is already loaded into the Splunk database.
Given functions and operators: top, iplocation, geostats, where, NOT, |, =, count by.
Given parameters: clientip, *, "United States", Country, Region, City
Practicing with your data: clientip="*", then review the values in the Country, Region, and City fields.
Case 1:
Show the top 20 client IP addresses with their Country, Region, and City.
Hint: clientip, *, |, top
Case 2:
Show the locations of all clients that are in the "United States".
Hint:
Assemble the functions and parameters: clientip, |, iplocation, where, Country, =, "United States", geostats, count by
Case 3:
Show the locations of all clients that are NOT in the "United States".
Hint:
Take the search from Case 2 and add NOT.
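One set of searches that covers the three cases, listed in order (Case 1, Case 2, Case 3), as an added example that is not part of the original assignment; it uses only the commands and fields listed above. Assumptions: clientip is already an extracted field, iplocation is included in Case 1 so that Country, Region, and City exist for top to count, and the geostats split-by field (City in Case 2, Country in Case 3) is a choice made here because the assignment does not name one.

```spl
clientip="*"
| iplocation clientip
| top limit=20 clientip, Country, Region, City

clientip="*"
| iplocation clientip
| where Country="United States"
| geostats count by City

clientip="*"
| iplocation clientip
| where NOT Country="United States"
| geostats count by Country
```

Run each search separately from the search bar of the Search & Reporting app. Case 1 returns a table on the Statistics tab; the geostats output of Cases 2 and 3 is meant for the Visualization tab with a Cluster Map.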