Log équipement réseaux LPV | inputlookup wu_devices_dynamic.csv | search device_path = *centre* OR device_path = *chassezac* AND device_type_name = *cisco* | rex field=_raw "%[A-Z0-9]+-(?<severity_level>[0-7])-[A-Z0-9_]+:" | table device_path, device_type_name, device_ip_address, "%SEC-6-IPACCESSLOGNP"

GU chassezac Loire Montpezat Clermont OR device_path="* *" Type équipement switch router device_type_name="* *" OR Marque Hirshmann Cisco ALL device_type_name="* *" OR Période -24h@h now nom * nom="* *" * index="rth" OR index="rth_ge" OR index="rth_med" OR index="rms" OR index="rms_ge" OR index="rms_med" | lookup wu_devices_dynamic.csv device_ip_address as host | search $multiselect_token$ | search $device_type$ | search $multiselect_marque$ | rex field=_raw "%[A-Z0-9]+-(?<severity_level>[0-7])-[A-Z0-9_]+:" | search severity_level = "*1*" OR severity_level = "*2*" OR severity_level = "*3*" | stats sum(linecount) as nblog, values(device_type_name) as type, values(device_name) as nom, values(severity_level) as lvlCritique, values(device_path) as lieu by host | table lieu, nom, type, host, nblog, lvlCritique $filter_period.earliest$ $filter_period.latest$ cellpreview search?q=index ="rms" OR index="rth" | lookup wu_devices_dynamic.csv device_ip_address as host | search severity_id = $row.lvlCritique$ AND $row.host$ index ="rms" OR index="rth" source = udp:514 sourcetype = cisco:ios | addinfo | lookup wu_devices_dynamic.csv device_ip_address as host | search $multiselect_token$ | search $device_type$ | search $multiselect_marque$ | rex field=_raw "%[A-Z0-9]+-(?<severity_level>[0-7])-[A-Z0-9_]+:" | search severity_level = "*1*" OR severity_level = "*2*" OR severity_level = "*3*" OR severity_level = "*4*" OR severity_level = "*5*" OR severity_level = "*6*" | stats sum(linecount) as nblog, values(device_type_name) as type, values(device_name) as nom by host | table nom, type, host, nblog, $filter_period.earliest$ $filter_period.latest$ 30s delay column all progressbar