Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to create a macro for the below scenario?

pavanae
Builder
‎09-12-2016 07:37 PM

I have a search as follows

earliest="08/01/2016:00:00:01" latest="08/01/2016:23:59:59" getABCsWin("XYZ","abc12345678")

Now how can I add the time format string as mentioned below for all the searches contains unique search string "getABCsWin"

timeformat="%d/%m/%Y:%H:%M:%S”

What condition and search string etc should I have to use for creating a macro?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

pavanae
Builder
‎09-15-2016 11:46 AM

I reposted the question with complete details as below

https://answers.splunk.com/answers/451277/how-to-and-where-can-i-add-the-timeformat-string-t.html?ut...

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

pavanae
Builder
‎09-15-2016 11:46 AM

I reposted the question with complete details as below

https://answers.splunk.com/answers/451277/how-to-and-where-can-i-add-the-timeformat-string-t.html?ut...

0 Karma
Reply
Solved! Jump to solution

sundareshr
Legend
‎09-13-2016 04:54 AM

What would you like the macro to do? Can you share some examples?

0 Karma
Reply
Solved! Jump to solution

pavanae
Builder
‎09-13-2016 06:47 PM

when any splunk search runs with the word "getABCsWin"(in any dashboard or alert etc etc). I want the string timeformat="%d/%m/%Y:%H:%M:%S” to be added to that search. So that i can get the output as i needed i.e; in the DD/MM/YYYY format.

0 Karma
Reply
Get Updates on the Splunk Community!

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...