Time Range for a scheduled alert

bshuford · ‎02-04-2011

I'm trying to schdule an alert to report on the last month of logs.

I want the scheduled alert to report last month and snap to the month

I'm putting in under the time range section -1mon@mon

but I seem to be getting -30d

so I get the last 30 days not the last month.

Ideas?

msettipane · ‎02-04-2011

-mon@mon will snap to the beginning of the last month. Have you tried adding a latest time?

So your search would look over this time period: earliest = -mon@mon latest = @mon.

msettipane · ‎02-09-2011

You need a latest time. earliest= -mon@mon latest=@mon (this will push the latest to 12:00AM on Feb 1).

bshuford · ‎02-04-2011

I just did -mon@month and it gave me jan 1 - feb 4 (Today). How do I snip off the 4 days in feb?

bshuford · ‎02-04-2011

That was the first thing I did. I get entries from Today back a month.