Hi people, i have a elk working with the logs of a samba file server I want make graphics with unlink file but i have a lot of tmp files, i want filter this archives, i read a bit and only find placing "- " but nothing happend, i have the same result.
example of a log: domain\admin | 192.168.1.30|hostname|domain|unlink|541b4a62.tmp
I want to show only the files actually deleted by the user
Apache Lucene, Apache Solr and all other Apache Software Foundation project and their respective logos are trademarks of the Apache Software Foundation.
Elasticsearch, Kibana, Logstash, and Beats are trademarks of Elasticsearch BV, registered in the U.S. and in other countries. This site and Sematext Group is in no way affiliated with Elasticsearch BV.
Service operated by Sematext