Solved: Incorrect Time Range for @d

mchandx · ‎05-04-2012

I have a graph that displays the license usage for the day. I have the time parameter say to "@d" because I only want to see for the current day.

The problem I am having is that the counter resets at 12:00AM GMT-1. I am in GMT-5, so the counter resets at 8:00PM local time. I want the counter to reset at 12:00AM GMT-5 or 5:00AM GMT.

Here is a copy of my search:

index=_internal source=*metrics.log group=per_index_thruput series!=_* | eval totalMB = round(kb/1024, 2) | chart sum(totalMB) as total

Time is set to rt@d to rt

mchandx · ‎05-04-2012

I have resolved this issue. It had nothing to do with Splunk, but rather a feature of the environment it is in.

View solution in original post

mchandx · ‎05-04-2012

I have resolved this issue. It had nothing to do with Splunk, but rather a feature of the environment it is in.

Drainy · ‎05-04-2012

I believe you can fix this by going to Manager -> Your account and then selecting your timezone

mchandx · ‎05-04-2012

I'll give this a try. Unfortunately, there is no way to know until midnight. I will also try to specify the time perameter as "rt@d-4h" and see if that helps. I'll post back tomorrow with my results.

Drainy · ‎05-04-2012

I believe it should also affect your time ranges within searches.

mchandx · ‎05-04-2012

This seems to only change the display. Does this also change the way the application works?

Incorrect Time Range for @d

Splunk Observability for AI

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Splunk Observability as Code: From Zero to Dashboard

Are you a member of the Splunk Community?

Incorrect Time Range for @d

Splunk Observability for AI

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Splunk Observability as Code: From Zero to Dashboard