I would like to search for the IP address from all Index Patten.
All Index Patten got the same field call "s.ip".
Can we search like Splunk "index:* s.ip:192.168.1.1"?
Do you have an index pattern that covers all your indices?
Should be no, can you show me the steps?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.