Hi All
I have been using Splunk for a couple of Months now, last month i noticed that the date format was being interpretted differently at the start of the month, i changed some setting and re-indexed and all seemed well. However, the same has happened at the beginning of this month with my data being interpretted in M/D/Y instead of D/M/Y. Again, i re-indexed without changing anything and date was formatted correctly, but new data added is again wrong.
It seems like the initial Bulk index of data is fine and then subsequent "live" indexing gets it wrong when the first day is beneath 12. I am using v4.2.2 and just monitoring a standard text file log like below:
Date Time Ext CO Dial Number Ring Duration Acc code CD
24/07/11 21:44 226 03 00447000000000 00:00'05
25/07/11 07:12 226 04 00447800000000 00:00'05
25/07/11 08:28 108 04 00447800000063 00:00'06
Any help would be much appreciated.
Best Regards
Chris
... View more