Re: Using timestamp as "rising column" in DBconnec...

dailv1808 · ‎01-27-2021

Hi Splunker,

I tried to use timestamp as "rising column" but it didnt work.

Please help!!!

when input type = Rising

dailv1808 · ‎01-28-2021

Need help!!

scelikok · ‎01-28-2021

Hi @dailv1808,

Can you please try formatting TXTIME as epoch format?

If this reply helps you an upvote is appreciated.

scelikok · ‎01-27-2021

Hi @dailv1808,

After changing to Rising mode you have to execute query once. Then you should update your query with where clause. Most probably error reason is checkpoint "?" variable has no value yet.

If that does not work you can update checkpoint value with a valid time value from your results.

If this reply helps you an upvote is appreciated.

dailv1808 · ‎01-27-2021

Hi @scelikok

Thanks for you reply, it doesn't work. When changing to Rising mode, Splunk need filter the rising column with a WHERE statement and sort the results with ORDER BY. "java.sql.SQLException: Invalid column index"

Using timestamp as "rising column" in DBconnect v3: Missing IN or OUT parameter at index:: 1

troubleshooting

Enterprise Security Content Update (ESCU) | New Releases

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We’ve Got Education Validation!