-
Open the
firewall.juniper.ssg.traffictable. Notice that the histogram shows the flow of events over a period of time defined beneath, in the time range.
-
Use the time range filter to show only those events ingested today.
Hint: Don’t forget to click on the Apply button!
-
On the data feed below, click to select two or three events (rows) and use the View selected events tool to browse the event data. This tool is accessible from the UI toolbar. Remember that you can also press the spacebar key as a shortcut to opening this tool.
-
Change the name of this query to exercises.basics.one.InitialsMonthDayYearHHmm (for example, "exercises.basics.one.jd041420201750").
-
Hide all fields except eventdate, service, srcIp, and dstIp.
Since you are still here reading, try this: See if you can identify another way of opening data tables.
-
Mark the query as a favorite, then close the query.
-
Return to the finder and confirm that the query appears in your list of favorite queries. Notice how the new name is listed as the Alias while the Table Name is the name of the original data table.
-
Open the Last queries tab and notice that your query is listed. This tab saves a history of the last full year of queries used in this domain.
