splunk stream

July 1, 2024

Expression

product = "splunk stream"

Fields

Field | Core | Detection | Informational
src_mac
bytes_out
dest_mac
bytes_in
bytes

Activity Types

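Activity Type | Field | Status | Core | Detection | Informational
dhcp-session | transaction_id
dhcp-session | ip_lease_time
dhcp-session | domain
dhcp-session | dns_ip_flow
dhcp-session | event_name
dhcp-session | router_subnet
dhcp-session | router_ip_flow
dns-response | response_ttl
dns-response | time_taken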