I want to set alert with below query this should report if there is error from service now . i want this alert to be ignored any error logs that occurred before 10:52 EST on 11/16/2017 .
eventtype=snow_ta_collector_error OR eventtype=snow_ta_log_error
i guess "earliest" can be used but help me in the exact possible one.
↧