Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How Can I customize Time

clyde772
Communicator
‎01-20-2011 02:49 AM

Hello Gurus!

Here is what I am trying to do. I am trying using Simplified XML, Form to select a certain host and time, that will only analyze selected day's 8:00 - 16:00 time frame data only.

I know you can do this, where I can define into search

date_hour>8 date_hour<18

But when I added this into my form search xml view, the app wouldnt take it.

to summarize

  1. How can I make it so that when the user select a date then it analyze for only that day's 8:00 ~ 16:00 ?

  2. what would be the syntax for defining "every day, 8:00 ~ 16:00" in splunk?

Thanks~!

Tags (1)
0 Karma
Reply

sideview
SplunkTrust
SplunkTrust
‎01-20-2011 03:45 AM

Maybe you're not escaping the < and > characters?

<searchTemplate>... your search here ... date_hour&gt;8 date_hour&lt;18</searchTemplate>

If that's not it, I would post the XML in the question. I'll bet we can figure it out.

Reply

sideview
SplunkTrust
SplunkTrust
‎01-20-2011 04:50 PM

No problem. Believe me it's a common thing lots of people run into. I Go ahead and can accept my answer and/or vote it up so it'll drop off the 'unanswered questions' page.

0 Karma
Reply

clyde772
Communicator
‎01-20-2011 03:30 PM

Nick, Thanks!
It worked. How stupid of me. I appreciate it.

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...