Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is there internal Splunk data I can search to find the latest timestamp when an app from Splunkbase was installed?

nibinabr
Communicator
‎04-26-2015 07:46 PM

Is there a splunk search that I can use to find the latest timestamp when an app was installed? Is there an internal index that contains this information?

0 Karma
Reply

dolivasoh
Contributor
‎04-26-2015 08:20 PM

Assuming the logs contain something like "installed",

index=blah sourcetype=blah app_name "installed" | stats latest(_time) as Time

0 Karma
Reply

nibinabr
Communicator
‎04-27-2015 06:39 AM

I think my question wasn't clear enough. Which index and sourcetype are you referring to here ? My logs doesn't contain this info. Are there any logs internal to splunk that keeps track of this information ? I'm trying to find the last time an app was installed (or a newer version of the app is installed).

0 Karma
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...