Re: Employee report

dude49 · ‎05-14-2024

Hey guys, I am working a report that needs to show any new employees coming into the company for the last 30 days. Right now I have a report constructed that pulls data for over the last 30 days on all employees for the company. How can I filter out this report to only show employees added to the company the previous month over the last 30 days? I will schedule this report to run weekly.

YoungN · ‎05-14-2024

@dude49,

You would need a field or value that gives you the hire/ start date and then format and eval the value to look for the last 30 days.

Something like the below:

|eval StartDay=strftime(hire_date, "%d")
|eval curDay=strftime(now(),"%d")
|eval window =(curDay - StarttDay)
|where (window < 30)

Reference:

https://docs.splunk.com/Documentation/SCS/current/SearchReference/DateandTimeFunctions

ITWhisperer · ‎05-14-2024

Do you have a report that identifies the employees that were added in the previous month?

Employee report

stats

tstats

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Observability Simplified: Combining User Experience, Application Performance & ...

Event Series May & June: From Network Visibility to Service Intelligence

Join the Conversation