Hi,
My index contain a column "deliveryDate" with the following format : 2015-10-08
I would build a search to get all data from my index where deliveryDate > dateNow.
I cannot user earliest and latest keyword i think because it is not the same format of date.
Could you help me please ?
Like this:
... | eval deliveryDateEpoch=strptime(deliveryDate, "%Y-%m-%d") | where deliveryDateEpoch>now()