Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Configure an emailed report with timechart to display in local time rather than GMT?

DEAD_BEEF
Builder
‎01-31-2019 01:44 PM

I have a report of proxy logs that is emailed to me every evening. The logs themselves are in GMT. I set the time frame for Today.

When I view the report in my browser, the timechart shows from 00:00 - 24:00 (next day) since my account setting is set to display using my local time. However, the report I receive via email has the timechart start from 05:00 - 05:00 (next day). The report also includes a table below the chart but that shows up fine. People who aren't used to reading GMT have a hard time translating the timechart time to local in their heads.

How can I edit my search query to have the emailed report show the timechart with hours based on my local time? I would accept a hardcoded method that doesn't account for daylight savings if that makes things easier. Then I only have to adjust the report twice a year.

Web view of report (working how I want)
alt text

Emailed PDF of report (not how I want)
alt text

I tried using the solution posted here but none seemed to work for me (in displaying both the graph and table correctly).

Preview file
1 KB
Preview file
1 KB
0 Karma
Reply
Get Updates on the Splunk Community!

Part 2: Diving Deeper With AIOps

Getting the Most Out of Event Correlation and Alert Storm Detection in Splunk IT Service Intelligence   Watch ...

User Groups | Upcoming Events!

If by chance you weren't already aware, the Splunk Community is host to numerous User Groups, organized ...

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...