I design a function that is used to trigger a script(windows batch)  from a universal forwarder. The universal forwarder server is windows server 2012 The script has already been transformed to that uf server and the cron schedule is planned to trigger the script every day(3:00 am) The script has a date command to get the date of the system like below: =============== echo %date% =============== when the script triggered by splunk alert action. it will get the result :07/29/2021       -----MM/DD/YYYY it is not what I deside to get the format of date. but when I run the script from uf by mannual, I can get  the right result :2021/07/29       -----YYYY/MM/DD I also check the windows setting it was like below: I don't know the difference between splunk trigger script and mannually run the script. I know if the uf server is linux or unix it will have the problem of users(ex root or splunk user)  It will be a lot of help if some one could solve this problem. Sorry for writing so long sentences. Thank you.     ... View more

Hi,everybody. I would like to know if we can judge the order of index with some inner field in splunk. Is there any way to determine an event in one index. Dos Splunk has any inner field which we can use to judge the order of one index. like  it was in oracle,we can use the rowid to determine the unique number of the row. If you have any ideas,or advices,I will be appreciated for your help ... View more