All Apps and Add-ons

How can we update DST timezone in DB connect app

HK123
Loves-to-Learn

Hello All,

 

I having issue with data due to DST timezone update since 29 March as data is coming one hour late in splunk and due to that we are getting false alert.

Can someone guide me how can we update the timezone in DB connect app? also again do we need to make it to default after DST end?


Appreciating your help.

Labels (1)
0 Karma

HK123
Loves-to-Learn

Ok, thanks.

Can you suggest me where should we define timestamp for sourcetype under DB connect app?

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Based on this https://www.aplura.com/assets/pdf/props_conf_order.pdf I try to add it into first full splunk enterprise instance (HF or Indexer).

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

Is this issue in all of your inputs or only some? Sounds like your timestamp field didn't contain timezone information and for that reason it fails when DST will apply.

here is told how you should select timestamp field from your input to get correct timestamp. https://docs.splunk.com/Documentation/DBX/3.8.0/DeployDBX/Createandmanagedatabaseinputs

On answer which could help or not? It's not an exactly same issue that you have.

https://community.splunk.com/t5/Getting-Data-In/How-do-I-get-Splunk-to-recognize-that-daylight-savin...

r. Ismo

0 Karma

HK123
Loves-to-Learn

Hello @isoutamo ,

 

Thanks for replying on my query.

 

I having issue with some of the source type and connection, its not general issue with our env.

If we add the TZ = BST for affected sourcetype/connection but do we need to revert it back once DST end?

And its not feasible way to make changes everytime and have to make it while indexing data.

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

when you are defining the correct timezone it should do that shift automatically when time is.

r. Ismo

0 Karma
Get Updates on the Splunk Community!

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...

Security Highlights | January 2023 Newsletter

January 2023 Splunk Security Essentials (SSE) 3.7.0 ReleaseThe free Splunk Security Essentials (SSE) 3.7.0 app ...