Solved: How to search for data per month, but only within ...

smart_r · ‎02-23-2016

I would like to extract data per month, but only within a certain time frame.

Say: Extract all data from January, but only within the time frame 07:30 - 12:00.

Thanks in advance.

somesoni2 · ‎02-23-2016

See this similar question.

https://answers.splunk.com/answers/351237/run-a-monthly-performance-report-excluding-mainten.html#an...

Basically, you can use use date_hour and data_minute fields (if available already) to filter events. If they are not available, you can calculate them (from _time) and use the calculated values to filter events.

View solution in original post

somesoni2 · ‎02-23-2016

See this similar question.

https://answers.splunk.com/answers/351237/run-a-monthly-performance-report-excluding-mainten.html#an...

Basically, you can use use date_hour and data_minute fields (if available already) to filter events. If they are not available, you can calculate them (from _time) and use the calculated values to filter events.

smart_r · ‎02-24-2016

Thank you kindly for your reply. This must help 🙂

How to search for data per month, but only within a certain time frame (07:30 - 12:00)?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor