Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Duration Filter without _time

andrehl
Explorer
‎07-31-2018 07:04 PM

Hi Community!
I wanted to create a dashboard that have TWO filters assigned to a graph.

Date:                                              Duration:
2018-08-01                                         6months


My graph x-axis:



2018-03     2018-04    2018-05    2018-06    2018-07    2018-08

Be informed that I do not utilize the built-in Splunk _time system and thus I cannot use the _time input provided in the filter.

I tried using this as my filter code: - strptime("0000-06-00","%Y-%m-%d") but it didnt work.

Thanks guys!

0 Karma
Reply

DalJeanis
SplunkTrust
SplunkTrust
‎08-01-2018 10:22 PM

You probably want to use the relative_time() function to calculate your boundaries.

| eval new_time = relative_time(now(),"-6mon@mon")
0 Karma
Reply

andrehl
Explorer
‎08-07-2018 06:41 PM

sorry, it didn't work for me

0 Karma
Reply

niketn
Legend
‎07-31-2018 11:12 PM

@andrehl you requirement for two inputs is not clear based on details provided. If Date input is not Splunk's Time Picker input, is it html time input?

If so please refer to one of my older answer to use html time input with jQuery (Simple XML JS Extension) to capture selected time and use in Splunk Dashboard as custom token: https://answers.splunk.com/answers/627432/jquery-datepicker-in-splunk.html

You would need to explain more about what is Duration filter? What are its possible values and how is Duration applied to searches along with Date? Is it a Combination of both Date and Duration or only one can be applied at a time?

Please elaborate with meaningful description and data.

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma
Reply

andrehl
Explorer
‎08-07-2018 06:41 PM

Hi @niketnilay, thank you for the feedback! Please pardon my unfamiliarity with programming languages.
My data came from excel files, similar to this:
Date_created
2017-05-13
2017-05-14
2017-07-14
2018-01-05

What I want to do is for the user to select filters (combination of both), Year: 2017 Month: 06, and Duration: Past 6 Months and my dashboard is supposed to only show datas from 2017 January to 2017 June.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...