Monitoring Splunk
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why is there Splunk Cloud Monitoring Console Inaccuracy?

jamie1
Communicator
‎07-31-2023 07:48 AM

Hi There,

I have just checked the Cloud Monitoring Console after receiving an email that noted some apps were ready to be upgraded to Python 3. I am using Splunk Cloud and saw the following information about my universal forwarders.

I have attached a screenshot, but the date doesn't appear to make sense and the newer version is showing as being outdated.

Any help would be appreciated,

Jamie

Preview file
76 KB
0 Karma
Reply

livehybrid
SplunkTrust
SplunkTrust
‎08-04-2023 03:43 PM

This is because the Cloud Monitoring Console version on your cloud stack does not currently have the support end-dates configured for 9.1.x, the following eval is used to determine the support expiration:

| eval fwd_7_3_eos=relative_time(strptime("22-Oct-2021", "%d-%b-%Y"), "+1d@d"), fwd_8_0_eos=relative_time(strptime("22-Oct-2021", "%d-%b-%Y"), "+1d@d"), fwd_8_1_eos=relative_time(strptime("19-Apr-2023", "%d-%b-%Y"), "+1d@d"), fwd_8_2_eos=relative_time(strptime("12-May-2023", "%d-%b-%Y"), "+1d@d"), fwd_9_0_eos=relative_time(strptime("14-Jun-2024", "%d-%b-%Y"), "+1d@d"), fwd_default_eos=relative_time(strptime("01-Jan-1971", "%d-%b-%Y"), "+1d@d") 
| eval expTimestamp = case( match(version, "^7\.3"), fwd_7_3_eos, match(version, "^8\.0"), fwd_8_0_eos, match(version, "^8\.1"), fwd_8_1_eos, match(version, "^8\.2"), fwd_8_2_eos, match(version, "^9\.0"), fwd_9_0_eos, 1==1, fwd_default_eos)

As you may be able to see, this only currently goes up to 9.0, else it falls back onto "fwd_default_eos" which is the date you're seeing (2nd Jan 1971) 

0 Karma
Reply
Get Updates on the Splunk Community!

Fall Into Learning with New Splunk Education Courses

Every month, Splunk Education releases new courses to help you branch out, strengthen your data science roots, ...

Super Optimize your Splunk Stats Searches: Unlocking the Power of tstats, TERM, and ...

By Martin Hettervik, Senior Consultant and Team Leader at Accelerate at Iver, Splunk MVPThe stats command is ...

How Splunk Observability Cloud Prevented a Major Payment Crisis in Minutes

Your bank's payment processing system is humming along during a busy afternoon, handling millions in hourly ...