Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Slpunk DB connect APP

malisushil
New Member
‎02-19-2020 02:38 AM

i am trying to query the Oracle DB using the statement attached in the case, the query works fine for the batch input, but when i try to put rising column and check point value it throws the error as attached in this case. please update on how to proceed in this case.alt text

Preview file
1 KB
0 Karma
Reply

Richfez
SplunkTrust
SplunkTrust
‎02-19-2020 11:53 AM

I'm not sure which side of this equation it's complaining about. A few things to check:

1) Please confirm your source timestamp column is of type TIMESTAMPTZ

2) Try using only one timestamp comparison.

3) Grab a value from the DB for timestamp (any one of them) and try using that particular construct.

A quick search for this shows it looks like your syntax is correct for the to_date, but ... maybe it needs something else.

0 Karma
Reply

malisushil
New Member
‎02-23-2020 01:49 AM

sorry to much oracle for me, can you tell me where to check for the source timestamp column

0 Karma
Reply
Get Updates on the Splunk Community!

Harnessing Splunk’s Federated Search for Amazon S3

Managing your data effectively often means balancing performance, costs, and compliance. Splunk’s Federated ...

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...