Splunk Search

Dashboard Title - Display date as DD/MM/YYYY

marziaolla
Path Finder

Hello there,
idk how to display the date in the title of the dashboard format as DD/MM/YYYY, not in epoch format
alt text

Here it is the source code:

<form>
  <label>TEST ORA</label>
  <fieldset submitButton="false"></fieldset>
  <row>
    <panel>
      <title>$field1.earliest$</title>
      <input type="time" token="field1">
        <label></label>
        <default>
          <earliest>1508450400</earliest>
          <latest>1508623200</latest>
        </default>
      </input>
      <event>
        <search>
          <query>index=test "CURRENT LOGGED USER"</query>
          <earliest>$field1.earliest$</earliest>
          <latest>$field1.latest$</latest>
          <sampleRatio>1</sampleRatio>
        </search>
        <option name="count">50</option>
        <option name="list.drilldown">none</option>
        <option name="list.wrap">1</option>
        <option name="maxLines">5</option>
        <option name="raw.drilldown">full</option>
        <option name="rowNumbers">0</option>
        <option name="table.drilldown">all</option>
        <option name="table.sortDirection">asc</option>
        <option name="table.wrap">1</option>
        <option name="type">list</option>
      </event>
    </panel>
  </row>
</form>

Can someone help me?

TNX :slightly_smiling_face:

0 Karma

niketn
Legend

@marziaolla, were you able to try out any of the answers provided below?

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

niketn
Legend

@marziaolla, as @cmerriman has pointed out addinfo command is one of the ways to add Search Job Earliest Time and Latest Time. Other option would be to use default tokens for Job which can be accessed in search event handlers. Refer to one of my answers which illustrates both examples. You can use the toking for String Time to display time in String format of your choice(using strftime()) instead of epoch time.

https://answers.splunk.com/answers/578984/running-one-of-two-searches-based-on-time-picker-s.html

____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
0 Karma

cmerriman
Super Champion

try doing this:

<form>
   <label>TEST ORA</label>
   <fieldset submitButton="false"></fieldset>
   <row>
     <panel>
       <title>$timelabel$</title>
       <input type="time" token="field1">
         <label></label>
         <default>
           <earliest>1508450400</earliest>
           <latest>1508623200</latest>
         </default>
       </input>
<search>
    <query>|makeresults|addinfo</query>
    <earliest>$field1.earliest$</earliest>
    <latest>$field1.latest$</latest>
          <progress>
            <eval token="timelabel">strftime($result.info_min_time$,"%d/%m/%Y")</eval>
          </progress>
  </search>
       <event>
         <search>
           <query>index=test "CURRENT LOGGED USER"</query>
           <earliest>$field1.earliest$</earliest>
           <latest>$field1.latest$</latest>
           <sampleRatio>1</sampleRatio>
         </search>
         <option name="count">50</option>
         <option name="list.drilldown">none</option>
         <option name="list.wrap">1</option>
         <option name="maxLines">5</option>
         <option name="raw.drilldown">full</option>
         <option name="rowNumbers">0</option>
         <option name="table.drilldown">all</option>
         <option name="table.sortDirection">asc</option>
         <option name="table.wrap">1</option>
         <option name="type">list</option>
       </event>
     </panel>
   </row>
 </form>
Get Updates on the Splunk Community!

See just what you’ve been missing | Observability tracks at Splunk University

Looking to sharpen your observability skills so you can better understand how to collect and analyze data from ...

Weezer at .conf25? Say it ain’t so!

Hello Splunkers, The countdown to .conf25 is on-and we've just turned up the volume! We're thrilled to ...

How SC4S Makes Suricata Logs Ingestion Simple

Network security monitoring has become increasingly critical for organizations of all sizes. Splunk has ...