New to Splunk, can anyone please help me with the below scenario?
I am receiving events like below:
Event1 21/06/2019 10.05AM
Event2 21/06/2019 10.08AM
I have to create an alert for all those events if the difference between my current time (system time) and the LastUpdateTime is more than 30 minutes. In this scenario, what will be my search string?
It would be a great help if someone can assist me with this.