Re: How Can I customize Time

clyde772 · ‎01-20-2011

Hello Gurus!

Here is what I am trying to do. I am trying using Simplified XML, Form to select a certain host and time, that will only analyze selected day's 8:00 - 16:00 time frame data only.

I know you can do this, where I can define into search

date_hour>8 date_hour<18

But when I added this into my form search xml view, the app wouldnt take it.

to summarize

How can I make it so that when the user select a date then it analyze for only that day's 8:00 ~ 16:00 ?
what would be the syntax for defining "every day, 8:00 ~ 16:00" in splunk?

Thanks~!

sideview · ‎01-20-2011

Maybe you're not escaping the < and > characters?

<searchTemplate>... your search here ... date_hour>8 date_hour<18</searchTemplate>

If that's not it, I would post the XML in the question. I'll bet we can figure it out.

sideview · ‎01-20-2011

No problem. Believe me it's a common thing lots of people run into. I Go ahead and can accept my answer and/or vote it up so it'll drop off the 'unanswered questions' page.

clyde772 · ‎01-20-2011

Nick, Thanks!
It worked. How stupid of me. I appreciate it.

How Can I customize Time

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...