Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Search 2 date fields and find amount of days minus weekend days

nathbe01
Explorer
‎03-03-2020 08:45 PM

Hello, I need to formulate a search there I have 2 date fields one is START_TIME 2020-02-28 19:19:58.0 other field is END_TIME 2020-03-03 19:19:58.0. What I need to do is find out is the START_TIME is before the weekend and the END_TIME is after the weekend. And chart my results based on that including other fields. I only want results where the START_TIME is before the weekend and the END_TIME is after the weekend. Events where the START_TIME and the END_TIME and before or during the weekends can be excluded.

For examples START_TIME is 2020-02-28 19:19:58.0 but END_TIME is 2020-02-2919:19:58.0 would not count as it was started and ended during the weekend. I only want events started before and ended after the weekend to count. Any help would be appreciated

Tags (1)
0 Karma
Reply

nathbe01
Explorer
‎03-03-2020 08:46 PM

I should add, I have to go by START_TIME and END_TIME as the standard _Time for the event will not be accurate as these events update every 15 minutes so only the START_TIME and END_TIME fields give accurate times

0 Karma
Reply
Get Updates on the Splunk Community!

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...