/
Configuring the PowerConnect Cloud Agent to Extract Timestamps
Document toolboxDocument toolbox

Configuring the PowerConnect Cloud Agent to Extract Timestamps

Owned by Ben Bramley
Jun 27, 2022
1 min read

Overview

The PowerConnect Cloud agent can be configured to extract timestamps from the source events. By default the Inputs assign the _time field in Splunk to the timestamp when the event was collected. This behaviour can be modified so an Input assigns the _time field to a timestamp from the source event instead.

Note - currently in version 1.0.8 only the CPI message input supports timestamp extract but others will be supported in the next version 1.0.9.

Configuring a Timestamp for an Input

  • Whilst creating an Input or editing an existing Input click on the Timestamp tab

  • In the Timestamp Field dropdown choose a field from the event to use as the _time field in Splunk. Only fields mapped as Date/Timestamps will be shown

  • Click Save

Related content

Splunk Http Event Collector (HEC)
Splunk Http Event Collector (HEC)
PowerConnect for SAP Solutions
More like this
KB 127 - Splunking Historical data
KB 127 - Splunking Historical data
PowerConnect for SAP Solutions
More like this
PowerConnect Cloud 2.2.0 Release Notes
PowerConnect Cloud 2.2.0 Release Notes
PowerConnect for SAP Solutions
More like this
PowerConnect Cloud 2.1.0 Release Notes
PowerConnect Cloud 2.1.0 Release Notes
PowerConnect for SAP Solutions
More like this
PowerConnect Cloud 1.0.8 Release Notes
PowerConnect Cloud 1.0.8 Release Notes
PowerConnect for SAP Solutions
More like this
Create Splunk Indexes for SAP data
Create Splunk Indexes for SAP data
PowerConnect for SAP Solutions
More like this