Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

To find number of days between two dates

jgr_26
Engager
‎05-20-2012 07:52 PM

Please give a solution to calculate the number of days between two given dates..

Regards
Govind.

Tags (1)
0 Karma
Reply

singhh4
Path Finder
‎07-08-2016 01:42 PM 
...| eval start = strptime(date1, "%Y-%m-%d %H:%M:%S")| eval end = strptime(date2, "%Y-%m-%d %H:%M:%S")| eval duration = round((end-start)/86400)

Converts column to timestamp(epoc): strptime(field, date_format)
This will give you the duration in days (example): 23

0 Karma
Reply

Chandras11
Communicator
‎09-04-2018 12:43 AM

HI, Just a small question here: What if I want to remove the weekend from this calculation.

0 Karma
Reply

siraj198204
Explorer
‎10-01-2014 07:14 AM

Hi ,
source="dmon-tail://idhouse/id_account" application=TFD [|inputlookup execSSO.csv |rename sso as owner] |eval exp_date=strftime(relative_time(strptime(lastPasswordChange,"%Y-%m-%d %H:%M:%S"),"+90d@d"), "%Y/%m/%d %H:%M")

This query is working good .

I need one more help ,

I want to count the days between exp_date and today date

any one can help me on this ...

Thank u ,

Regards,
Siraj

0 Karma
Reply

jgr_26
Engager
‎05-21-2012 08:23 AM

i need to generate a time based report. Below are the inputs
Start Date : string
End Date : string

I need the no of days from ( now to startDate) and (now to endDate), so that i can play around.

Thanks

0 Karma
Reply

gkanapathy
Splunk Employee
Splunk Employee
‎05-20-2012 10:16 PM

You really need to provide more context on this, such as, where are these dates coming from?

0 Karma
Reply

gkanapathy
Splunk Employee
Splunk Employee
‎05-20-2012 10:15 PM 
... | eval (timestamp2-timestamp1)/86400

is whatI can do with the information you've given.

Reply

Ayn
Legend
‎11-21-2012 02:18 PM

Ok, so what's not working with the provided solution?

0 Karma
Reply

jebasinghk
New Member
‎11-21-2012 09:32 AM

This is not working....

Here is my scenario... I have event coming in SPLUNK from database and i have 2 date columns in it. I need to get the difference between the 2 days and want to filter all records that are greater than 30 days.

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...