Saved Bookmarks
| 1. |
What is the importance of time zone property in Splunk? |
|
Answer» A time zone is a CRUCIAL factor to consider when searching for events from a fraud or security perspective. This is because Splunk uses the time zone defined by your browser. Your browser then picks up the time zone associated with the machine/computer system you're working on. So, you will not be able to find your desired event if you search for it in the wrong time zone. The timezone is PICKED up by Splunk when DATA is entered, and it is particularly important when you are searching and comparing data from different sources. You can, for instance, look for events COMING in at 4:00 PM IST, for your London data centre, or for your Singapore data centre, ETC. The timezone property is therefore vital when correlating such events. |
|