How do I aggregate multiple logs into a single output?
Tony Reinke - Cribl
For example: firewall logs that have the same IPs and ports in time windows of 10 sec.
Best Answer
Start with the Aggregations function to select the desired data, and use the appropriate Aggregate function for your use case:
https://docs.cribl.io/stream/aggregations-function/
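What the aggregation asked about in the question computes, shown as an added JavaScript illustration that is not part of the thread and is not Cribl's implementation: events are bucketed into 10-second tumbling windows and grouped by source IP, destination IP and destination port. The field names (`_time`, `src_ip`, `dst_ip`, `dst_port`, `bytes`) and the sample events are constructed assumptions.

```javascript
// Added illustration: tumbling-window aggregation of firewall events.
// Field names and sample events are assumptions, not taken from the thread.
const WINDOW_SEC = 10;

// Constructed sample events; _time is epoch seconds.
const sampleEvents = [
  { _time: 1700000000, src_ip: '10.0.0.5', dst_ip: '192.0.2.10', dst_port: 443, bytes: 1200 },
  { _time: 1700000003, src_ip: '10.0.0.5', dst_ip: '192.0.2.10', dst_port: 443, bytes: 800 },
  { _time: 1700000004, src_ip: '10.0.0.7', dst_ip: '192.0.2.10', dst_port: 22, bytes: 90 },
  { _time: 1700000009, src_ip: '10.0.0.5', dst_ip: '192.0.2.10', dst_port: 443, bytes: 500 },
  { _time: 1700000012, src_ip: '10.0.0.5', dst_ip: '192.0.2.10', dst_port: 443, bytes: 300 },
  { _time: 1700000015, src_ip: '10.0.0.7', dst_ip: '192.0.2.10', dst_port: 22, bytes: 60 },
  { _time: 1700000016, src_ip: '10.0.0.9', dst_ip: '192.0.2.10' }, // malformed: no dst_port
];

function aggregateEvents(events, windowSec = WINDOW_SEC) {
  const buckets = new Map();
  for (const ev of events) {
    // Skip events that lack a timestamp or a group-by field, so they are
    // not silently merged into one "undefined" group.
    const keys = [ev.src_ip, ev.dst_ip, ev.dst_port];
    if (!Number.isFinite(ev._time) || keys.some((v) => v == null)) continue;

    // Tumbling window: every event falls into exactly one fixed-size bucket.
    const start = Math.floor(ev._time / windowSec) * windowSec;
    const key = JSON.stringify([start, ...keys]);

    let agg = buckets.get(key);
    if (!agg) {
      agg = {
        window_start: start, window_end: start + windowSec,
        src_ip: ev.src_ip, dst_ip: ev.dst_ip, dst_port: ev.dst_port,
        count: 0, total_bytes: 0,
      };
      buckets.set(key, agg);
    }
    agg.count += 1;
    agg.total_bytes += Number(ev.bytes) || 0;
  }
  // One output event per (window, src_ip, dst_ip, dst_port) combination.
  return [...buckets.values()].sort(
    (a, b) => a.window_start - b.window_start || a.src_ip.localeCompare(b.src_ip)
  );
}

console.log(aggregateEvents(sampleEvents));
```

Six well-formed input events collapse to four output events, one per group per window. An event stamped 1700000009 and one stamped 1700000012 land in different windows even though they are three seconds apart, which matters when counts per window feed a detection threshold.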