Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Search Help

mkhatri
Loves-to-Learn
‎07-12-2021 08:12 AM

Hello , I am trying to get the sales report for 3 months but the search results only gives the result for last 15 days. Results before 15 days are all zeros. the job notification shows :

[pdx-nav-non-prod-splunk-idx-240-132] Your search has been restricted to a time span of 1296000 seconds. i.e. 15 days.

So my question is how can i get the full report for 3 months or how can i increase the time span of a search .

Labels (2)
0 Karma
Reply

mkhatri
Loves-to-Learn
‎07-12-2021 08:51 AM

Yes .Maybe that's why i didn't have index on my  splunk settings. Thank you @michel_wolf .

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎07-12-2021 08:20 AM

Hi @mkhatri,

what's the retention of the index containing those data?

maybe you have on that index a retention of 15 days.

In addition, could you share the search you're using?

Ciao.

Giuseppe

0 Karma
Reply

mkhatri
Loves-to-Learn
‎07-12-2021 08:37 AM

Hii ,  i am not able to see the index on my splunk settings. The search i am using is :

index=nav_app_message_gateway event=sentMessageTo* status=200 | timechart count by templateId
0 Karma
Reply

michel_wolf
Path Finder
‎07-12-2021 08:18 AM

Hi,

I think you need to ask your splunk admin, maybe you have some role restrictions here like:

michel_wolf_0-1626103106716.png

 

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...