cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
mrpaul
Explorer
Member since: ‎04-07-2014
‎01-05-2024
Community Statistics
Posts 5
Solutions 0
Karma Given 2
Karma Received 2
Member Since ‎04-07-2014
Activity Feed
View All

Re: Convert decimal date time value in CSV export ...

by SplunkTrust in Other Usage
‎01-05-2024 11:09 AM
1 Karma
‎01-05-2024 11:09 AM
1 Karma
This is really an Excel question rather than a Splunk question. In Splunk, date-times are stored internally as the number of seconds since 1/1/1970, whereas in Excel, date-times are stored internally as the number of days since 1/1/1900 (I think). Just format the cell as a date in Excel. ... View more

Re: Transaction or Stats - need multiple starts an...

by in Splunk Search
‎03-04-2016 04:02 PM
1 Karma
‎03-04-2016 04:02 PM
1 Karma
Let's assume you have a field called status that has (at least) values like start and end ; then you can use streamstats like this: ... | streamstats count earliest(_time) AS startTime latest(_time) AS endTime latest(status) AS lastStatus | count(eval(status="start")) AS sessionID | stats values(*) AS * BY sessionID ... View more

Re: Knowledge base within splunk

by Splunk Employee in Knowledge Management
‎04-07-2014 07:24 PM
2 Karma
‎04-07-2014 07:24 PM
2 Karma
hi, yes, this is an interesting use case, it's one of the features of the commercial Splunk App for Enterprise Security. A couple of links: http://docs.splunk.com/Documentation/ES/3.0.1/User/Notableeventsandincidentworkflow http://docs.splunk.com/Documentation/ES/3.0.1/User/NotableEvents ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎01-05-2024 11:57 AM
Karma from
View All
Karma given to
View All