My incoming logs have several hosts and many services running on each host.
I would like to generate a table from my logs in the below format.
HOST    SERVICE
host1   chrome
        http
        taskmgr
host2   chrome
host3   http
        chrome
host4   servicex
What is the Splunk command I can use? Is there any pre-defined command for this function?
How about something like this:
... your base search ... | stats values(SERVICE) AS SERVICE by HOST
thanks....
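The `stats values(SERVICE) AS SERVICE by HOST` search suggested above, run against constructed sample events so it can be pasted into a search bar without any index. This is an added example, not part of the original posts; the `constructed_sample` field, its contents and the `SERVICE_AS_SEEN` column are assumptions made for illustration.

```spl
| makeresults
| eval constructed_sample="host1,chrome host1,http host1,taskmgr host1,chrome host2,chrome host3,http host3,chrome host4,servicex"
| makemv delim=" " constructed_sample
| mvexpand constructed_sample
| rex field=constructed_sample "(?<HOST>[^,]+),(?<SERVICE>.+)"
| stats values(SERVICE) AS SERVICE list(SERVICE) AS SERVICE_AS_SEEN by HOST
```

`values()` returns each service once per host in lexicographical order, so host3 lists chrome before http, while `list()` keeps every event's value in arrival order, including the repeated chrome on host1.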