Splunk IT Service Intelligence

Need to fetch events created in the last 30 days

vijaya5
Engager

Hi,

I am using the below query to fetch change request events created in the last 30 days... but when I select a time range I am getting all-time events, it seems.

Can anyone suggest how to get only events created in the previous month or in a specific time period?

Query Used:
index=servicenow eventtype=snow_change* sourcetype="snow:change_request" (change_state_name="Work Complete" OR change_state_name=Closed)
| dedup number
| eval diff=strptime(dv_work_end,"%Y-%m-%d %H:%M:%S")-strptime(dv_work_start,"%Y-%m-%d %H:%M:%S")
| eval Downtime=round((diff/60),3)
| table number Downtime host dv_work_start dv_work_end

Events shown:

number      Downtime   host           dv_work_start        dv_work_end
CHG0129357   300.000   kmci4odw2023   2020-01-19 21:00:00  2020-01-20 02:00:00
CHG0129566   120.000   kmci4odw2023   2020-01-19 23:30:00  2020-01-20 01:30:00
CHG0129494    99.250   kmci4odw2023   2020-01-19 23:48:54  2020-01-20 01:28:09
CHG0129795  4320.367   kmci4odw2023   2020-01-20 10:55:10  2020-01-23 10:55:32
CHG0129116  1110.000   kmci4odw2023   2020-01-20 13:00:00  2020-01-21 07:30:00

0 Karma

jpalacian
Path Finder

Hi!

Where do you use this SPL? Are you building a new panel in a dashboard?
If that is your case, you can add a time picker and link your panel to it.

But anyway, you can restrict your search like this:

index=servicenow eventtype=snow_change* sourcetype="snow:change_request" (change_state_name="Work Complete" OR change_state_name=Closed) earliest=-30d latest=now   |  dedup .......

More info and options here:
https://docs.splunk.com/Documentation/Splunk/8.0.2/SearchReference/SearchTimeModifiers
https://docs.splunk.com/Documentation/Splunk/8.0.2/Search/Specifytimemodifiersinyoursearch

0 Karma
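As an added, worked version of the answer above (not part of the original thread), the following search puts the time bounds in the search string itself, which takes precedence over the dashboard time picker, and additionally restricts on the change's own start time, since the time range picker only ever constrains _time (when the record was indexed), not dv_work_start. The field names are the ones from the original post; the 30-day window and the snap-to-day modifier are assumptions.

```spl
index=servicenow eventtype=snow_change* sourcetype="snow:change_request"
    (change_state_name="Work Complete" OR change_state_name=Closed)
    earliest=-30d@d latest=now
| dedup number
| eval start_epoch=strptime(dv_work_start,"%Y-%m-%d %H:%M:%S"),
       end_epoch=strptime(dv_work_end,"%Y-%m-%d %H:%M:%S")
| where start_epoch >= relative_time(now(), "-30d@d")
| eval Downtime=round((end_epoch-start_epoch)/60,3)
| table number Downtime host dv_work_start dv_work_end
```

For "the previous calendar month" rather than "the last 30 days", replace the modifiers with `earliest=-1mon@mon latest=@mon` (snap to the start of last month through the start of this month) and use `relative_time(now(), "-1mon@mon")` and `relative_time(now(), "@mon")` as the bounds in the `where` clause. Both forms are the standard time modifiers documented at the links in the answer above.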