Hi there,
I ran into some Issues with DB Connect 2 DB-Input on Splunk 6.1 and MySQL:
1. I've tried several ways to get a timestamp field setup in the GUI:
- normal datetime fields seem to be misinterpreted to wrong dates
- if I try a characterfield, the Javadate format does not allow a format like "yyyy-MM-dd HH:mm:ss"
- if i try a conversion inside the query with unix_time; I get an Error about bigint not supported as timestamp
2. Where clauses are not possible through GUI if you're working in tail mode
3. Through the Limitations in 2 I have a fairly complex view setup where the query takes around 5 minutes on my systems. I've enabled the Debug Logging for dbx2.log and found the following Statements showing some kind of timeout for the dbinput service, but also stating that the query could take up to an hour:
/04/17/2015 14:59:14 [CRITICAL] [ws.py] [DBInput Service] timed out
[DEBUG] [mi_input.py] The execution time is 327.349689 seconds for this dbinput [mi_input://otrs-ticket-view-3] and its maximum query timeout setting is 3600 seconds
Any Ideas?
Thx in advance
Kai
... View more