Join the Conversation
- Find Answers
- :
- Using Splunk
- :
- Splunk Search
- :
- Re: EPOCH CONVERSION IN ORACLE QUERY
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I need to convert the EPOCH Time using Oracle Query,by using DB Query i have figured out using the below query it can be done
|dbquery DB_NAME limit=10 "Select * from Table_NM" |fieldformat NEW_CREATED_DT=strftime(CREATED_DT,"%d-%m-%y %H:%M:%S")
But i want the query that can be used in Oracle.
Any Help is Appreciated,
Thanks.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found the answer myself just to_char(date_attribute,'YYYY-MM-DD HH24:MI:SS')date_attribute will work no need of trying to convert it by multiplying & dividing the current time with 1970.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I found the answer myself just to_char(date_attribute,'YYYY-MM-DD HH24:MI:SS')date_attribute will work no need of trying to convert it by multiplying & dividing the current time with 1970.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yes because ,thats no longer a date field. but a good trick
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I will be indexing my DB table under DB Inputs.Using Input_Type=tail.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry linu i couldn't understand you, can you be a bit more specific.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if it is the summary index you can use as it is in a savedsearch. If you are trying to use dbmon then the sql query will index and while tabulating or creating dashboard you have to do the time conversion again.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I need the query as i would be using it to input a table & index into Splunk.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
oracle is not doing the time conversion its splunk which is converting the date field. you need to do the above to get the human readable format.
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Unlocking Unified Insights: New Gigamon Federated Search App for Splunk
GA: New Data Management App in Splunk Platform
Announcing Modern Navigation: A New Era of Splunk User Experience
