Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to schedule a search one day a week

cneberg
Explorer
‎04-03-2012 08:41 AM

How do I schedule splunk cron search to run Sunday's at 11:00 pm?

I thought it would be this

00 23 ? * 0

But splunk doesn't appear to support the ? character, which wikipedia says means don't specify the day of the month. I could use an asterisks but I'm guessing that means every day of the month.

0 Karma
Reply

yannK
Splunk Employee
Splunk Employee
‎04-03-2012 09:17 AM

try 0 23 * * 0

the 5th part is for the day of the week (0=sunday)

keep the third with a * it will be controlled by the condition on the day of week.

* * * * * command to be executed

| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)

Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...

Detecting Remote Code Executions With the Splunk Threat Research Team

REGISTER NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If ...

Observability | Use Synthetic Monitoring for Website Metadata Verification

If you are on Splunk Observability Cloud, you may already have Synthetic Monitoringin your observability ...