Splunk Search

How can I write a search query to retrieve release/installed date for all app on Splunk?

nareerat_pr
Explorer

I try to search with comand 

| rest /services/app/local 

but the value of the "updated" field is "1970-01-01T07:00:00+07:00" for all app

Tags (1)
0 Karma

richgalloway
SplunkTrust
SplunkTrust

That is a known problem, although I'm not sure it's published.  Go to https://ideas.splunk.com to ask Splunk to rectify it.

---
If this reply helps you, Karma would be appreciated.
0 Karma
Get Updates on the Splunk Community!

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...

What’s New in Splunk Observability – September 2025

What's NewWe are excited to announce the latest enhancements to Splunk Observability, designed to help ITOps ...

Fun with Regular Expression - multiples of nine

Fun with Regular Expression - multiples of nineThis challenge was first posted on Slack #regex channel ...