Search 2 date fields and find amount of days minus...

nathbe01 · ‎03-03-2020

Hello, I need to formulate a search there I have 2 date fields one is START_TIME 2020-02-28 19:19:58.0 other field is END_TIME 2020-03-03 19:19:58.0. What I need to do is find out is the START_TIME is before the weekend and the END_TIME is after the weekend. And chart my results based on that including other fields. I only want results where the START_TIME is before the weekend and the END_TIME is after the weekend. Events where the START_TIME and the END_TIME and before or during the weekends can be excluded.

For examples START_TIME is 2020-02-28 19:19:58.0 but END_TIME is 2020-02-2919:19:58.0 would not count as it was started and ended during the weekend. I only want events started before and ended after the weekend to count. Any help would be appreciated

nathbe01 · ‎03-03-2020

I should add, I have to go by START_TIME and END_TIME as the standard _Time for the event will not be accurate as these events update every 15 minutes so only the START_TIME and END_TIME fields give accurate times

Search 2 date fields and find amount of days minus weekend days

New Year, New Changes for Splunk Certifications

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events

Join the Conversation

Search 2 date fields and find amount of days minus weekend days

New Year, New Changes for Splunk Certifications

Stay Connected: Your Guide to January Tech Talks, Office Hours, and Webinars!

[Puzzles] Solve, Learn, Repeat: Reprocessing XML into Fixed-Length Events