Hi,
Is there a way to calculate a time span from start to stop position using java sdk.
e.g. 11012012 12:00:01 PM Start ... ....
11012012 12:30:01 PM Stop
and result would be 30 min.
Thanks, Sanjay
If this log file is in Splunk, you could try:
search_foo | transaction host startswith="Start" endswith="Stop"
The resulting "duration" field will tell you how long it took.
http://www.splunk.com/base/Documentation/5.0/SearchReference/Transaction
View solution in original post
If the answer solved your problem, please click the check box to the left to "accept" the answer.
Thanks for prompt response. I was able to get desire result.
Those events are in a log file. I would like to get 30 min as answer or list of those time period if there are multiple Start/Stop (matching first to first)
Are you trying to parse this from events returned from a search? Where are you getting these times from?
