Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the unit of time for run_time ?

the_wolverine
Champion
‎12-13-2012 04:47 PM

Would someone please confirm what the unit of time reported by run_time is? Run_time as reported by the scheduler or by jobs.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎12-14-2012 07:16 AM

if this is a run time like this from the scheduler.log , run_time is likely in seconds

run_time=0.847 => zero seconds and 847 milliseconds.

05-24-2012 15:01:12.571 -0700 INFO SavedSplunker - savedsearch_id="nobody;webintelligence;Referer breakdown fivemin summary - regenerator", user="nobody", app="webintelligence", savedsearch_name="Referer breakdown fivemin summary - regenerator", status=success, digest_mode=1, scheduled_time=1337896800, dispatch_time=1337896871, run_time=0.847, result_count=0, alert_actions="summary_index", sid="scheduler__nobody__webintelligence_UmVmZXJlciBicmVha2Rvd24gZml2ZW1pbiBzdW1tYXJ5IC0gcmVnZW5lcmF0b3I_at_1337896800_c1cad5102813ad2e", suppressed=0, thread_id="AlertNotifierWorker-0"

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

yannK
Splunk Employee
Splunk Employee
‎12-14-2012 07:16 AM

if this is a run time like this from the scheduler.log , run_time is likely in seconds

run_time=0.847 => zero seconds and 847 milliseconds.

05-24-2012 15:01:12.571 -0700 INFO SavedSplunker - savedsearch_id="nobody;webintelligence;Referer breakdown fivemin summary - regenerator", user="nobody", app="webintelligence", savedsearch_name="Referer breakdown fivemin summary - regenerator", status=success, digest_mode=1, scheduled_time=1337896800, dispatch_time=1337896871, run_time=0.847, result_count=0, alert_actions="summary_index", sid="scheduler__nobody__webintelligence_UmVmZXJlciBicmVha2Rvd24gZml2ZW1pbiBzdW1tYXJ5IC0gcmVnZW5lcmF0b3I_at_1337896800_c1cad5102813ad2e", suppressed=0, thread_id="AlertNotifierWorker-0"

0 Karma
Reply
Solved! Jump to solution

the_wolverine
Champion
‎12-19-2012 12:31 PM

Yes, it does appear to be in seconds. We had a few searches that were taking so long to complete that I couldn't believe that the number I was looking at was in seconds!

0 Karma
Reply
Get Updates on the Splunk Community!

Reduce and Transform Your Firewall Data with Splunk Data Management

Managing high-volume firewall data has always been a challenge. Noisy events and verbose traffic logs often ...

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...