×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
tmugherini
New Member
Member since: ‎11-04-2013
‎06-05-2020
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎11-04-2013
Activity Feed
View All

Re: AD Field Dates Converting and Searching

by in Getting Data In
‎11-07-2013 11:07 AM
‎11-07-2013 11:07 AM
Thanks What do I do with converted value post, just query as usual with < value? ... View more

AD Field Dates Converting and Searching

by in Getting Data In
‎11-07-2013 05:41 AM
‎11-07-2013 05:41 AM
Hello All New to splunk and would like a bit of guidance on dealing with Active Directory attributes that ave dates such as accountExpires and pwdLastSet. For example; this work well source="ActiveDirectory" AND accountExpires="12:00.00 AM, Tue 01/01/2013" AND accountExpires>0 | dedup name | search userAccountControl="512" However I would really like to see everything that expires prior to this date. "<" does not work because I suspect splunk see's this value as a string. Anyone have some examples of efficient ways to accomplish what I am looking for. TY ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM