Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Time Range Picker & Cron Schedule

saurabhkunte
Path Finder
‎06-16-2014 02:33 AM

Hello All,

Hoping one of you can help solve the following :

This is what I want to achieve for a search which I need to display on a dashboard

  • Have a saved search run every 3rd day of month.( This i can easily get done by cron schedule )

  • The above saved search when it runs every 3rd day of the month should pick the raw events between 1st & 3rd of that same month.

So series of schedules of this search will be :

Search runs on 3rd July with Time range of events from 1st July to 3rd July

Search runs on 3rd of Aug with Time range of events from 1st Aug to 3rd Aug

...
...

Any ideas how I can solve this ? Thank you.

Reply
1 Solution
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎06-16-2014 02:43 AM

Hi saurabhkunte,

you can use the advanced time range options for this. Try something like this for your searches:

 your base search earliest=-0mon@mon latest=-0mon@mon+2d@d | ...

this will search for the time range between 6/1/14 12:00:00.000 AM and 6/3/14 12:00:00.000 AM if the search was run today (16th of June 2014).

hope this helps ...

cheers, MuS

View solution in original post

Reply
Solved! Jump to solution
Solution

MuS
SplunkTrust
SplunkTrust
‎06-16-2014 02:43 AM

Hi saurabhkunte,

you can use the advanced time range options for this. Try something like this for your searches:

 your base search earliest=-0mon@mon latest=-0mon@mon+2d@d | ...

this will search for the time range between 6/1/14 12:00:00.000 AM and 6/3/14 12:00:00.000 AM if the search was run today (16th of June 2014).

hope this helps ...

cheers, MuS

Reply
Solved! Jump to solution

MuS
SplunkTrust
SplunkTrust
‎06-16-2014 09:02 AM

Sure, this will work for each month the search runs

0 Karma
Reply
Solved! Jump to solution

saurabhkunte
Path Finder
‎06-16-2014 07:49 AM

Thank you very much MuS.

This works well. Just to confirm this would work also for subsequent monthly runs ? Thanks again.

Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...

[Puzzles] Solve, Learn, Repeat: Dereferencing XML to Fixed-length events

This challenge was first posted on Slack #puzzles channelFor a previous puzzle, I needed a set of fixed-length ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...