How to easily search for events in a specific time period - Security Business -Macnica

Security business menu

Security business
HOME

To be elected
cause

Service

Handling Manufacturer

Examples/reports/
Blog/Glossary

Seminar/
video on demand

Products/Services

Specifications/Technical Information

Specifications/Technical Information
- Splunk Enterprise features
- Splunk Technology Blog

solution

User stories

Seminar content

Evaluation machine application/FAQ

Application for evaluation machine
- Splunk Evaluation Download
FAQ

Document request

inquiry

video on demand

How to easily search for events in a specific time period

release date: 2018-06-18

last updated: 2018-06-18

version: Splunk Enterprise 6.3.5

Overview: How to easily search for events in a specific time period

Reference information

http://docs.splunk.com/Documentation/Splunk/6.3.5/Data/Aboutdefaultfields

content

Default datetime fields such as date_hour and date_minute can be used to search for events during a specific time period.

Example of use

If you only want to search for events with timestamps between 9:00 and 17:00, add the following condition to your search statement:

(date_hour>=9 AND date_hour<=17)

See the documentation below for a list of Default datetime fields.

http://docs.splunk.com/Documentation/Splunk/6.3.5/Data/Aboutdefaultfields

It is also possible to search using the above fields after specifying a specific period in advance with the time range picker.

that's all

to previous page

In charge of Macnica Splunk Co., Ltd.

inquiry Document request

TEL：045-476-2010
E-mail：splunk-sales@macnica.co.jp

Mon-Fri 8:45-17:30

注意！

お客様のブラウザーの設定は、JavaScriptが無効になっています。
Javascriptを有効にして再読み込みをお願いいたします。

JavaScript is disabled in your browser settings.
Please enable Javascript and reload.