Now you can identify when a host is expected and stops sending data. This is what I'd start with for Windows, I'm not sure what I'd do for the other systems or if it's possible, it depends on what's being logged to Splunk from those devices.
Now you can identify when a host is expected and stops sending data. This is what I'd start with for Windows, I'm not sure what I'd do for the other systems or if it's possible, it depends on what's being logged to Splunk from those devices.