Solved: Re: Use timepicker selection in query

bfernandez · ‎07-10-2013

Anyone know if it is possible to use the time picker selection in a query?

I would like to use this value to calculate availability of a server in base of the time range selected.

time picker 24 so time_interval = 24 hours

server time_offline time_interval availability
server1 3 hours 24 hours 87,5%
server2 20 hours 24 hours 26,7%

I mean, I have the number of time downtime but I can’t calculate this metric dynamically.

Thanks!

bfernandez · ‎07-10-2013

After taking some time looking for information in answers I finally found the solution.

| addinfo | eval selection_duration=strftime(info_min_time,"%+") . " - " . strftime(info_max_time,"%+")

View solution in original post

viksinha · ‎06-23-2014

Can you please elaborate it with an example.. I am getting 'No results found' when I ran the search like: index=linux sourcetype=eif | addinfo | eval selectionduration=strftime(infomintime,"%+") . " - " . strftime(infomaxtime,"%+") | table selectionduration

bfernandez · ‎06-24-2014

You are missing underscores in the field names. That’s the problem.

info_min_time
info_max_time

http://docs.splunk.com/Documentation/Splunk/6.1.1/SearchReference/Addinfo

bfernandez · ‎07-10-2013

After taking some time looking for information in answers I finally found the solution.

| addinfo | eval selection_duration=strftime(info_min_time,"%+") . " - " . strftime(info_max_time,"%+")

Use timepicker selection in query

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation