Splunk Search
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

how can I query against a time range if i have renamed datetime to _time?

guilmxm
Influencer
‎02-12-2013 02:15 PM

Hi,
Thanks you so much for this very great application that opens Splunk to many information system reality!
This App is definitively a must and real well done! i would advise it to anyone.

I am currently developing front ends for my client using Splunk and dbquery to directly works with various data from our databases, still i have an issue with timestamp and i would prefer not to have to locally index these data.

I use the command "rename" to change the datatime column field into "_time" field which works fine to generate timecharts (using timechart command), but this does not allow to filter the search through any timerange or timepicker...this is quite strange as in raw data Splunk seems to recognize the timestamp translated from db format...

Please Would know you do a way to achieve this using dbquery ? Thank you very much for your answer !

Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution

royimad
Builder
‎11-18-2014 05:09 AM

I there any simple XML down streaming time range picker values to the search by dbquery?

0 Karma
Reply
Get Updates on the Splunk Community!

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...

Integrating Splunk Search API and Quarto to Create Reproducible Investigation ...

 Splunk is More Than Just the Web Console For Digital Forensics and Incident Response (DFIR) practitioners, ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...