All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk app for puppet, all searches are limited to 8:00 to 9:00 AM?

grundsch
Communicator
‎07-23-2013 12:29 AM

Hi Simony,

Looking at various searches, I can see that you are limiting results to 8:00 - 9:00 every day: for example, earliest=-5d@d latest=-4d@d (date_hour="8" OR date_hour="9")

is it because in your setup, you are running puppet only once a day? Shouldn't it be removed for the general case?

steph

Tags (1)
0 Karma
Reply

gavsdavs_GR
Path Finder
‎09-01-2017 03:40 AM

Yanick, did this ever get into a git repo ?
I have been making this work in our environment and I have some fixes which might help (and some questions if you have time)

0 Karma
Reply

simony
Path Finder
‎07-23-2013 01:44 AM

Hi Steph

Oh this is a fault of mine. I thought that I have taken out all those times limitations.
In wich view do you found it? Reports? I will remove it in a new version. Yes our setup with puppet is that it runs every day 8-10 clock. Remove the date_hour and then it takes the wohle day.

yanick

0 Karma
Reply

grundsch
Communicator
‎07-23-2013 01:51 AM

Hi Yanick,
yeah, a little bit everywhere 🙂
If you could do a grep for date_hour on your files, you will find them. (I currently do not have command line access to the server... can't do it myself).
Regards,
Stéphane

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

If you’re unfamiliar, .conf is Splunk’s premier event where the Splunk community, customers, partners, and ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...