How to set a report hourly for time frame between 26th to 5th of each month?
Unclear if you want to schedule your report or filter your data using those dates.
The following cron schedule/expression will schedule your report to run every hour between those dates:
0 * 1-5,26-31 * *
If you're looking to filter the data in your search to only include those date:
| eval dayofmonth=strftime(_time, "%e") | search dayofmonth>25 OR dayofmonth<6
@johnhuang if we want to set the alert for 365 days a year, hourly? how to acheive that?
Hi
0 * * * *
this will run alert on every hour on every day including those years which have something else than 365 days.
You could test these on https://crontab.guru/#0_*_*_*_*
r. Ismo
@isoutamo is their a way to limit this alert once per day? I tried using throttle and supressing it for once a day. is thier some other way?
If you want check it only once a day just switch wanted hour to the second * like
0 10 * * *
You should test these with https://crontab.guru/ which told to you what those are meaning.
Set your cron scheduled as follows for the scheduled report and it should work.
0 */1 1,2,3,4,5,26,27,28,29,30,31 * *
@jdunlea if we want to set the alert for 365 days a year, hourly? how to acheive that?
