Archive
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

what is use of diff command

maheshsat
Explorer
‎03-15-2018 05:11 AM

Hi , I tried understanding diff command from spunk.doc unable to understand,could you please let me know use of diff command what exactly it does , it would be great if given in answer with example.Thanks

Tags (1)
Reply

p_gurav
Champion
‎03-15-2018 05:38 AM

Hi,

Diff command will give you difference between two search results. Refer below link for example:
https://answers.splunk.com/answers/151315/how-to-find-differences-between-two-searches-with-set-diff...

Reply

logloganathan
Motivator
‎03-15-2018 05:25 AM

diff can be used to get the difference between the epoch time.
Please see the below example where i used this query for setting my alert

your base query | eval MyDate=strptime(date,"%d %b %Y %H:%M:%S") | fieldformat StartTime=strptime(MyDate, "%Y-%m-%d %H:%M:%S") | eval Diff=tostring((StartTime-EndTime),"duration")

Reply
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!