Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Improve query to list apps and versions on all indexer nodes

radam2000
Path Finder
‎04-08-2020 01:39 PM

I have this query to list the apps and their versions last update date for apps on all index nodes, however the updated date lists a default for all apps as "1969-12-31T19:00:00-05:00". Anyway to modify this to produce the proper updated date?

| rest /services/apps/local | search disabled=* |table splunk_server, title, label, version, updated, disabled, visible, description, author, configured, core, "eai:acl.app", "eai:acl.sharing", id

thanks in advance for any assistance...

Rich

Tags (1)
0 Karma
Reply

radam2000
Path Finder
‎04-11-2020 08:35 AM

It does not provide a correct update date for any entry - note output of query does show disabled field which contains both entries with 0 and 1 for true and false annd update date is the same

Thanks for your reply
Rich

0 Karma
Reply

DalJeanis
Legend
‎04-10-2020 04:49 PM

Does it list the correct updated date/time for apps that are not disabled?

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing Scheduled Export GA for Dashboard Studio

We're excited to announce the general availability of Scheduled Export for Dashboard Studio. Starting in ...

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...