![]() You do this by configuring timestamp extraction. For some data, you might need to help Splunk software learn to recognize the timestamps. If there is no explicit timestamp in an event, Splunk software attempts to assign a timestamp value through other means. ![]() It assigns timestamp values automatically by using information that it finds in the raw event data. Splunk software adds timestamps to events at index time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |