Hi all, i'm new to splunk. I've managed to get it set up and imported a load of Apache log files. When I search by host, it shows all the logs but I can't quite work out the next step.
Ultimately I would like to produce a chart/graph of the number of times an ip address appers in the events, and splunk has correctly identified the date/time stamp, and sorted accordingly. I can see the ip addresses in the event (, but can't work out how to get the data into a graph format.
There doesn't seem to be a IP address field, how do I use splunk to extract the IP addresses from the logs?
I'm sure this is quite a basic thing to do, i'll continue my research online.
Thanks.