×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Kuronoa
New Member
Member since: ‎06-01-2021
‎06-05-2021
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎06-01-2021
View All

Creating a table that includes a column for date/t...

by in Splunk Search
‎06-02-2021 07:19 PM
‎06-02-2021 07:19 PM
Hello! I'll try to keep things as brief and concise as I can, but what you need to know is that I'm currently building a dashboard that tracks various criteria of windows machines, and depending on the conditions of these criteria, a score is assigned to each category, and when a specific host reaches a high enough score, it is considered for decommission. One of the criteria involved with determining the scoring for whether or the likelihood of a host needing decommission is how long ago somehow has logged into said host. I was wondering if anyone had any suggestions as to run a search and use eval to add a column containing the recorded time each windows event was received  below is an example of what one of the splunk events looks like using our index And here is a mockup designed to help better explain what I'm trying to do here:   Thanks for taking the time to read my question! ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2021 07:36 AM