Splunk Search

Why am I getting error "Invalid earliest_time" trying to set a specific default setting for the date time picker?

brutecat
Path Finder

HI there,

I have been trying to set a specific date time in the default setting for the date time picker:

<fieldset autoRun="true" submitButton="false">
    <input type="time" token="time" searchWhenChanged="true">
        <label />
        <default>
          <earliestTime>04/01/2015:00:00:00 CET</earliestTime>
          <latestTime>now</latestTime>
        &lt;/default&gt;
    &lt;/input&gt;
&lt;/fieldset&gt;

I am taking the format from the docs which indicates %m/%d$Y:%H:%M:%S, but I keep getting an error when I try and run the query (Invalid earliest_time). I have tried multiple permutations with no success. Is this a locale dependency (I am in Australia and we usually reverse the month and day).

This is driving me crazy. Any advice would be well received!

Thanks,

Stan

0 Karma
1 Solution

woodcock
Esteemed Legend

The simplest way is to use Splunk-native epoch time (and add a comment to your code) and be done with it. Go to a site like this one to help you convert to epoch:

http://www.epochconverter.com/

You can also just do a search using the timepicker to set the date and pull the epoch time out of the URL under the URI &earliest=.

View solution in original post

0 Karma

woodcock
Esteemed Legend

The simplest way is to use Splunk-native epoch time (and add a comment to your code) and be done with it. Go to a site like this one to help you convert to epoch:

http://www.epochconverter.com/

You can also just do a search using the timepicker to set the date and pull the epoch time out of the URL under the URI &earliest=.

0 Karma

brutecat
Path Finder

@woodcock,

Thanks - perfect. Why do the docs then refer to a human readable format, or did I miss something,

Regards,

Stan

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) v3.54.0

The Splunk Threat Research Team (STRT) recently released Enterprise Security Content Update (ESCU) v3.54.0 and ...

Using Machine Learning for Hunting Security Threats

WATCH NOW Seeing the exponential hike in global cyber threat spectrum, organizations are now striving more for ...

New Learning Videos on Topics Most Requested by You! Plus This Month’s New Splunk ...

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...