Need to pull logs month wise

rakesh43 · ‎10-29-2018

Hi , I have 13 months of data , need to pull data month wise & year wise

24/10/2018
14:43:50.556

2018-10-24 14:43:50.556, S_DATE="20160208", SCENARIO="Actual", YEAR="2016", PERIOD="Feb", VIEW="YTD", ENTITY="1009", ENTITY_DESC="Test Canada Inc.", MARKET="Canada", ACCOUNT="922002", ACCOUNT_DESC="922002 - Employee Activity Food And Beverages", INTER_ENTITY="[ICP None]", VALUE="[Parent Total]", RC="216102", SUBACCOUNT="000000", INTER_RC="000000", PRODUCT="000000", CUSTOM5="USD_FUNC_Total", DATA_TYPE="Total_Late", DDATA="179.03916480009201"

host = Test

source = test_hist

sourcetype = test_hist

rakesh43 · ‎10-29-2018

Dec 2017 to Dec 2018 date

rakesh43 · ‎10-29-2018

index=test sourcetype=test_hist YEAR = "2017" PERIOD = "Dec" ACCOUNT = 949005 RC = 301873
| eval CC= RC."-".ACCOUNT."-".SUBACCOUNT."-". INTER_ENTITY."-".INTER_RC."-".PRODUCT."-00-0000" , DATE = YEAR."-".PERIOD
| table CC, DATE, YEAR, PERIOD, ENTITY, ACCOUNT, ACCOUNT_DESC, RC, SUBACCOUNT, INTER_RC, PRODUCT, DDATA '

Need to pull logs month wise

See Splunk Platform & Observability Innovations at Cisco Live EMEA

The OpenTelemetry Certified Associate (OTCA) Exam

From Manual to Agentic: Level Up Your SOC at Cisco Live

Join the Conversation

Need to pull logs month wise

See Splunk Platform & Observability Innovations at Cisco Live EMEA

The OpenTelemetry Certified Associate (OTCA) Exam

From Manual to Agentic: Level Up Your SOC at Cisco Live