Hi,
I'm new to LEM, coming from a Splunk background. I'm trying to search through some ASA logs that are being sent to LEM, but I'm having trouble getting what I want out of the nDepth explore window. I'd like to get a table over the last hour of different IPs accessing one of my public servers. If I was in Splunk I'd do a search like "host=myasa destIP=1.1.1.1 | stats count by srcIP" and I would expect a table with srcIP and count. How can I get this from LEM?
Thanks