How to convert hex timestamp value to index in Spl...

Splunk Search

Hi ,

I have the below data to index into splunk

Can you advice how can i decode the hex timestamp below (5A8145B4.0000) so that below events can be indexed into splunk
via inputs.conf/props.conf

+5A8145B4.0000 Component: kbb
+5A8145B4.0000 Driver: tms_ctbs623fp5:d4009a/4402680.1

(5A8145B4.0004-1:kbbssge.c,52,"BSS1_GetEnv") KMS_NODEID="huhhjyxphtm01bvgfdx2"
(5A8145B4.0005-1:kbbssge.c,52,"BSS1_GetEnv") KMS_NODEID="jhgfklhtm01bnhbx2"
(5A8145B4.0006-1:kbbssge.c,52,"BSS1_GetEnv")

many thanks
smdasim

How to convert hex timestamp value to index in Splunk

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Catch Up Now >>

How to convert hex timestamp value to index in Splunk

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE! Catch Up Now >>

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!

Catch Up Now >>