Building for the Splunk Platform
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Setting earliest_time through Java sdk

Hunterzz
New Member
‎03-27-2019 06:34 AM

i'm using Splunk java sdk to get search result. i want to setup timestamp for my search.

Args oneshotSearchArgs = new Args();
oneshotSearchArgs.put("earliest_time", "2019-02-19T12:00:00.000-07:00");
oneshotSearchArgs.put("latest_time", "2019-02-20T12:00:00.000-07:00");
String oneshotSearchQuery ="search index=app | head 2";

Instead giving date manually, i want to give

earliest_time --> 2 days
latest_time --> now

How can i do it?

0 Karma
Reply

kamlesh_vaghela
SplunkTrust
SplunkTrust
‎04-04-2019 03:14 AM

@Hunterzz

You can specify Splunk time modifier in oneshot arguments. Please check below link for Splunk time modifier example.

https://docs.splunk.com/Documentation/Splunk/7.2.5/Search/Specifytimemodifiersinyoursearch#Examples_...

Please check To run a basic oneshot search and display results
in http://dev.splunk.com/view/java-sdk/SP-CAAAEHQ .

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability Cloud | Customer Survey!

If you use Splunk Observability Cloud, we invite you to share your valuable insights with us through a brief ...

Happy CX Day, Splunk Community!

Happy CX Day, Splunk Community! CX stands for Customer Experience, and today, October 3rd, is CX Day — a ...

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

We’re excited to announce a new Splunk certification exam being released at .conf23! If you’re going to Las ...