Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to specify a timezone in a datamodel

ebs
Communicator
‎07-22-2021 05:41 PM

Is there a way to specify a timezone in a datanmodel?

I have an eval field called date relying on Splunk's _time field but I want to ensure that it matches a specific timezone, rather than relying on the extracted _time of the log as its in UTC.

I want to have the timezone match Brisbane, Australia (+10)

Labels (2)
Labels
0 Karma
Reply

codebuilder
Influencer
‎07-27-2021 07:12 AM

Timezone is applied at search time based on the users' settings. If none is set for the user Splunk will use the TZ of the server (default).

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply

ebs
Communicator
‎07-27-2021 03:47 PM

This doesn't help in my instance because even though my timezone is set to mine, when doing a tstats datamodel the timezone is UTC no matter my settings

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...