For example: firewall logs that have the same IPs and ports in time windows of 10 sec.
Start with the Aggregations function to select the desired data, and use the appropriate Aggregate function for your use case:
https://docs.cribl.io/stream/aggregations-function/
Aggregate events in real time
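To show what the aggregation asked about above produces, here is an added example (not from the thread and not Cribl's code) that collapses firewall events sharing the same IPs and port within 10-second tumbling windows. The field names (`_time`, `src_ip`, `dst_ip`, `dst_port`, `bytes`) and the sample events are constructed assumptions.

```python
from collections import defaultdict

WINDOW_SECONDS = 10  # window length from the question

# Constructed sample firewall events (epoch seconds); field names are assumptions.
SAMPLE_EVENTS = [
    {"_time": 1700000000, "src_ip": "10.0.0.5", "dst_ip": "192.0.2.10", "dst_port": 443, "bytes": 120},
    {"_time": 1700000003, "src_ip": "10.0.0.5", "dst_ip": "192.0.2.10", "dst_port": 443, "bytes": 300},
    {"_time": 1700000009, "src_ip": "10.0.0.5", "dst_ip": "192.0.2.10", "dst_port": 443, "bytes": 80},
    {"_time": 1700000004, "src_ip": "10.0.0.7", "dst_ip": "192.0.2.10", "dst_port": 22, "bytes": 60},
    {"_time": 1700000012, "src_ip": "10.0.0.5", "dst_ip": "192.0.2.10", "dst_port": 443, "bytes": 40},
]

GROUP_BY = ("src_ip", "dst_ip", "dst_port")


def aggregate(events, window=WINDOW_SECONDS, group_by=GROUP_BY):
    """Collapse events sharing the group-by fields within each tumbling window."""
    buckets = defaultdict(lambda: {"count": 0, "bytes": 0})
    for ev in events:
        # Skip events missing a key field rather than grouping them under None.
        if "_time" not in ev or any(f not in ev for f in group_by):
            continue
        # Tumbling window: align the event time down to a multiple of `window`.
        start = int(ev["_time"]) // window * window
        key = (start,) + tuple(ev[f] for f in group_by)
        agg = buckets[key]
        agg["count"] += 1
        agg["bytes"] += ev.get("bytes", 0)
    rows = []
    for key in sorted(buckets):
        row = {"window_start": key[0], "window_end": key[0] + window}
        row.update(zip(group_by, key[1:]))
        row.update(buckets[key])
        rows.append(row)
    return rows


if __name__ == "__main__":
    for row in aggregate(SAMPLE_EVENTS):
        print(row)
```

The five sample events reduce to three summary rows: the event at second 12 falls into the next window, so it is not merged with the earlier three for the same IPs and port.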