How to search by specific date and time range and ...

mikeyty07 · ‎12-21-2022

I am trying to search with specific date and time. Is it possible to search and compare?

for example, i want to get stats from 2022-12-20 14:00:00 to 2022-12-20 15:00:00 and compare it with other dates like 12/16, 12/10/, 12/5 with same time range. is there a way to get stats compared side by side with other dates
OR
just have the all mentioned dates and time (2p-3p) there in search query ?

bowesmana · ‎12-21-2022

Just put the date/time ranges in the query

(earliest="12/20/2022:14:00:00" latest="12/20/2022:15:00:00") OR
(earliest="12/16/2022:14:00:00" latest="12/16/2022:15:00:00") OR
(earliest="12/10/2022:14:00:00" latest="12/10/2022:15:00:00")

and the the simplest way is to then

| bin _time span=1d
| stats count by _time

or you may have date_hour field auto extracted, in which case you could just set the time picker and use date_hour=3

How to search by specific date and time range and compare with other date and time stats?

chart

count

eval

fields

stats

table

timechart

tstats

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Are you a member of the Splunk Community?

How to search by specific date and time range and compare with other date and time stats?