Reporting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to include search start and end date of the search in email subject?

tomasz
Engager
‎11-17-2022 03:00 AM

Hi all

I would like to include the start and end date of my search in the email subject. For example, 'The results from 2022-11-01 to 2022-11-11'. I tried the email tokens $job.earliestTime$ and $job.latestTime$ but they also give me time which just obscures the title. Is there any way to retrieve just the dates? Any help much appreciated.

Cheers

Tom

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

PaulPanther
Motivator
‎11-17-2022 03:35 AM

Use addinfo and then use $result.search_starttime$ & $result.search_endtime$ in your alert action

 

| addinfo
| eval search_starttime = strftime(info_min_time, "%Y-%m-%d")
| eval search_endtime = strftime(info_max_time, "%Y-%m-%d")
| table search_starttime search_endtime

 

 

View solution in original post

Reply
Solved! Jump to solution
Solution

PaulPanther
Motivator
‎11-17-2022 03:35 AM

Use addinfo and then use $result.search_starttime$ & $result.search_endtime$ in your alert action

 

| addinfo
| eval search_starttime = strftime(info_min_time, "%Y-%m-%d")
| eval search_endtime = strftime(info_max_time, "%Y-%m-%d")
| table search_starttime search_endtime

 

 

Reply
Solved! Jump to solution

tomasz
Engager
‎11-17-2022 04:11 AM

Hi Paul

Your answer has done exactly what I wanted.

Thank you very much.

 

0 Karma
Reply
Solved! Jump to solution

PaulPanther
Motivator
‎11-17-2022 05:09 AM

Great!Can you please Accept my answer?

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...