Hello,

How do I do something like this in splunk?

eval base_starttime = [search index="app_event"| eval starttime = strftime(sometime, someformat) | return starttime] | (then use base_startime ....)

Basically I want to get hold of an eval in subsearch to use in my base search.
Thanks.