I am trying to get a list of new inbound IPs/hosts, which would compare to the old data of the previous month from a firewall checkpoint data source.
We are using Splunk_TA_opseclea - loggrabber.sh for on-boarding the data into Splunk. Can anyone help with the query that collects can bring out the report?