Hi Guys,
We have a scheduled PowerShell script which will give the output in a log file which will have a status of “LastDirSyncTime” time in UTC time as below on every 15 minutes.
LastDirSyncTime : 08-11-2019 07:35:17
Now our requirement is;
Compare the LastDirSyncTime (which is in UTC) with my Splunk Computer’s current time (Which is in PST) and provide the time difference. Our main goal is to trigger an alert in Splunk when ever “LastDirSyncTime” is more than 30 minutes.
Can some one please provide me a query to extract the time difference in minutes so that we can configure the required alerts.
... View more