I'm using Java SDK to query splunk. I'm getting proper results when I don't give time range to the search query. But when I specify time range I find that the results that are returned doesn't match the time that I give. It always returns the newest results irrespective of the date range that I specify.
Args outputArgs = new Args(); outputArgs.put("output_mode", outputMode); outputArgs.put("earliest_time", "2013-07-29T12:00:00.000"); outputArgs.put("latest_time", "2013-07-30T12:00:00.000");
I tried with relative time and also with the time format - %m/%d/%Y:%H:%M:%S (for this i receive a invalid earliest_time exception).Can you please let me know if the time format that I have specified is not proper. Or do I need to have some additional code to specify time range.
Thanks in advance.
... View more