I am working on a splunk query to pull the records from daily basis depends on timinging.
For example 30m and 60m, for those I have confirmed the _time and relative time conditions to pull the transactions between this timeframe.
Now we have a requirement to pull the records as below,
30 mins <60 mins on Sat&Sun> for rest of the day
How could I achieve this requirment from splunk. Please suggest.
... View more