All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk DB Connect: How to convert my database input's date and time format?

jonathan_yan5
Explorer
‎11-25-2016 03:47 AM

Hi,

im having a problem with database inputs conversion of date and time.

my database table date and time format is YYYY-MM-DD/HH:mm:ss but Splunk was able to read this differently.

sample:

"DB table date and time": 2016-11-25/17:56:00

"Splunk converted date and time":
(Record 1) 2016-11-25 7:59:59:000 AM
(Record 2) 2016-11-25 7:59:59:000 AM
(Record 3) 2016-11-25 7:59:59:000 AM

Can this be solved by revising the SQL? or by regex?

0 Karma
Reply

Azeemering
Builder
‎11-28-2016 03:16 AM

Hello,

You should be able to define the timestamp for the specific connection in $SPLUNK_HOME/etc/apps/splunk_app_db_connect/local/inputs.conf

Here you can enter output_timestamp_format = yyyy-MM-dd HH:mm:ss
Did you set this?

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...