Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Slpunk DB connect APP

malisushil
New Member
‎02-19-2020 02:38 AM

i am trying to query the Oracle DB using the statement attached in the case, the query works fine for the batch input, but when i try to put rising column and check point value it throws the error as attached in this case. please update on how to proceed in this case.alt text

Preview file
1 KB
0 Karma
Reply

Richfez
SplunkTrust
SplunkTrust
‎02-19-2020 11:53 AM

I'm not sure which side of this equation it's complaining about. A few things to check:

1) Please confirm your source timestamp column is of type TIMESTAMPTZ

2) Try using only one timestamp comparison.

3) Grab a value from the DB for timestamp (any one of them) and try using that particular construct.

A quick search for this shows it looks like your syntax is correct for the to_date, but ... maybe it needs something else.

0 Karma
Reply

malisushil
New Member
‎02-23-2020 01:49 AM

sorry to much oracle for me, can you tell me where to check for the source timestamp column

0 Karma
Reply
Get Updates on the Splunk Community!

Infographic provides the TL;DR for the 2024 Splunk Career Impact Report

We’ve been buzzing with excitement about the recent validation of Splunk Education! The 2024 Splunk Career ...

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...