Splunk tutorial part 3
12/3/2023

Restricting, or filtering, your search criteria using a time range is the easiest and most effective way to optimize your searches. You can use time ranges to troubleshoot an issue if you know the approximate timeframe when the issue occurred. Narrow the time range of your search to that timeframe. For example, to investigate an incident that occurred sometime in the last hour, you can use the default time range Last 24 hours, but a better option is Last 60 minutes.

Let's explore the data from the Buttercup Games online store using the different time ranges.

To start a new search, click Search in the Apps bar.

To search for a keyword in your events, type buttercupgames in the Search bar and press Enter.

buttercupgames

The keyword is highlighted in the events that are returned. Notice that hundreds of events are returned.

You use the time range picker, which is to the right of the Search bar, to set time boundaries on your searches. You can restrict the search to one of the preset time ranges, or use a custom time range.

When you run a search using the tutorial data, if no events are returned, it is probably because you downloaded the tutorialdata.zip file more than one day ago. When you download the ZIP file, timestamps are generated at that moment in time and are added to the data.

The tutorial data for the Buttercup Games store contains events for a seven-day period. The dates of the events are based on the date that you downloaded the tutorial data file. For example, if you download the file today, the dates for the events begin the previous week. If today is a Wednesday, the events have a timestamp starting the previous Wednesday.

For all of your searches that use the tutorial data files, you need to adjust the search time range based on when you downloaded the tutorial data files. Searching for events using Today or any time less than the last 24 hours will return no events. If you downloaded the tutorial data file 3 days ago, there are no events from the last 3 days. Try a different Relative time range, such as Previous week or Last 7 days.

The time range picker has many preset time ranges that you can select from. Click the time range picker to see a list of the time range options. The Presets option contains Real-time, Relative, and Other time ranges.