Unknown search command 'gentimes'.... can anyone h...

accragv1 · ‎10-14-2016

When Trying to run below query in Splunk search:

I am getting this error:
Unknown search command 'gentimes'.

How can I resolve this error??

somesoni2 · ‎10-14-2016

What version of Splunk you're using? Works just fine in Splunk Version 6.5.0 OR any 5/6 version that I've used. It's a search command that is available in search app. Did the permission for this changed and you're executing it from different app then "Search & Reporting"?

accragv1 · ‎10-14-2016

From where can I check if the permission for the "gentimes" command has been changed.. can you point me to some default splunk conf file??

accragv1 · ‎10-14-2016

I am executing it in "Search & Reporting", using Splunk version 6.4.1

somesoni2 · ‎10-14-2016

I don't have a 6.4.1 instance but I was able to run your search just fine from any app on my 6.5.0 and 6.2.6 machine. Could you check if your role has read permission on this search command ? (From app "Search & Reporting", go to Settings->Advanced search -> Search commands and see if you can see gentimes there)

accragv1 · ‎10-14-2016

Thanks somesoni2 ... this helped ... it was disabled in Advanced Search -> Search Commands

Cheers

cmerriman · ‎10-14-2016

It should still be a valid command. What version of Splunk are you using?

http://docs.splunk.com/Documentation/Splunk/6.5.0/SearchReference/Gentimes

accragv1 · ‎10-14-2016

I am using 6.4.1

Unknown search command 'gentimes'.... can anyone help to find if this command has been discontinued in Splunk?

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer at Splunk .conf24 ...

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...