This is related to Splunk DB Connect App. While configuring a table with Timestamp column, the timestamp is not getting into effect at the time of indexing, by Splunk.
For example, the table being indexed has say, timestamp value in year, say 2008. After indexing the table, any time charts created using this data is showing timestamp of current time than timestamp in 2008. All all events indexed for this table, fall (wrongly) in the same day & time of indexing.
Could anyone, please point a sample table configuration, specifically, around timestamp format, Output timestamp checkbox, Output format from the UI of DB connect / DB inputs.
How to define the format of timestamp when the underlying DB table has timestamp value in epoch time than in a regular date format (of any typical Database).