https://stackoverflow.com/questions/18463700
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianA * did the trick: Start_Date=08/26/2013*
Answer here: http://answers.splunk.com/answers/100630/splunk-date-comparison
Splunk date comparison
-
26-06-2022 - |
Question
I need to be able to search for log entries with a specific start date, which has nothing to do with _time. The format is, for example, Start_Date: 08/26/2013 4:30 PM.
I need to add a condition in my search to specify the date, but not the time. I tried strptime and strftime unsuccessfully.
For example, I tried converting start date to a string (without time) and compare it to another string:
"08/26/2013"=strftime(Start_Date, "%d/%m/%Y")
This didn't work either:
"08/26/2013"=strftime(strptime(Start_Date "%d/%m/%Y %I:%M %p"), "%d/%m/%Y")
Any ideas how to solve this?
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
