cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
awalton
Splunk Employee
Member since: ‎08-07-2021
‎08-09-2021
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎08-07-2021
View All

Re: How do you set custom timestamp for data inges...

by Splunk Employee in Getting Data In
‎08-09-2021 05:42 PM
‎08-09-2021 05:42 PM
@jhanvidattani  Thank you for the response. This solution still did not work for me. What's strange is that if i manually upload the data via a file and assign it my sourcetype, it actually extracts the date field and assigns that as the timestamp. So, it must be something specifically happening when i ingest via the splunk sdk, correct? ... View more

How do you set custom timestamp for data ingested ...

by Splunk Employee in Getting Data In
‎08-07-2021 11:27 PM
‎08-07-2021 11:27 PM
Using the Splunk SDK, I am ingesting json data into a splunk index via this line of code:  index.submit(event, host="localhost", sourcetype="covid_vacc_data_ingest") This line of code is working and data is ingested, but the timestamp is always the ingestion time rather then the date field on the event. Here is a screenshot of my settings in Splunk enterprise for this sourcetype:  Here is a screenshot of what the ingested data looks like:  I want the _time field on the left to be the date field on the right. Any suggestions? Not sure what I am doing wrong. Thank you!  ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎08-09-2021 09:11 PM