Hi,
I have events with a timestamp_value=1477043785561
We can filter like this:
index=a sourcetype=logins timestampvalue<=1477008000
Is it possible to use a date format in the base search to filter?
Of course the following does not work, but perhaps something similar is possible so that I don't have to translate every filter into epochtime.
index=a sourcetype=logins timestampvalue<=2016-10-21
Best
Heinz
↧