Using Splunk 6.4.0 on Ubuntu Server
Trying to index a file that goes back in years. Working with the Timestamp to get it indexed correctly - I ran into a problem with it for Time Stamps before 11-30-2010, using this format: `%Y-%m-%d %H:%M:%S %Z`
Am I missing something? Thank you.
**Sample Data: timedate, number**
----------
*Could not use regex to parse timestamp from "2010-11-24 22:00:00 EST".*
2010-11-24 22:00:00 EST,3.1
*Could not use regex to parse timestamp from "2010-11-25 22:00:00 EST".*
2010-11-25 22:00:00 EST,2.22
*Could not use regex to parse timestamp from "2010-11-26 22:00:00 EST".*
2010-11-26 22:00:00 EST,3.33
*Could not use regex to parse timestamp from "2010-11-27 22:00:00 EST".*
2010-11-27 22:00:00 EST,4.44
*Could not use regex to parse timestamp from "2010-11-28 22:00:00 EST".*
2010-11-28 22:00:00 EST,5.2
Could not use regex to parse timestamp from "2010-11-29 22:00:00 EST".
2010-11-29 22:00:00 EST,6.1
2010-11-30 22:00:00 EST,7.2
2010-12-01 22:00:00 EST,8.5
2010-12-02 22:00:00 EST,9.8
2010-12-03 22:00:00 EST,9.2
2010-12-04 22:00:00 EST,9.2
2010-12-05 22:00:00 EST,9.9
↧