Learn the nuances of how time windows work in Splunk and how to go beyond the presets by using time in your search syntax.
- [Instructor] Time is one of the most useful levels of filtering you can do on your search results. If you have a server that started having problems today at 10:00 a.m. for example, being able to look at everything going on at that time can really help you spot the root problem. We've already had a quick look at the built-in time filters, but let's go a bit deeper. First, I'm actually going to just put a star into the search field, so we have lots of results to work with. Now, let's head over to the drop-down, and instead of Last 24 Hours, let's say Today.
You should see a fair number of results still, and if you've just started your server up today, it should be the same number. Now, instead let's try clicking on Previous Year. You probably won't see anything here, unless you've been going through this course very slowly, or you're watching this in early January. I just wanted to illustrate it, to show how the relative times work. It automatically shifts the search window to the last calendar year, not the previous year,…
- Installing Splunk
- Filtering search data
- Advanced search syntax
- Creating reports and dashboards
- Creating alerts and actions
- Configuring remote data and multiple data streams
Skill Level Beginner
1. Tour of Major Features
3. Reporting and Dashboards
5. Practical Splunk
Next steps (1m 57s)