SIEM plugin for SailPoint and Splunk timestamp discrepancy - integration

I have a question about how events arrive inside of a tool such as Splunk.
Currently, it appears that the way the plugin works is it will send the records over to the log collection application in question, placing the time stamp of the event in epoch time (located in the attributes of the event).
However, it would appear that within Splunk, it is marking the event time at which point it entered into Splunk.
So, for example, I have an event that happened two years ago, the time stamp on the event shows that and SailPoint shows that (even Splunk will show that if you drill into the event).
However, when I import into Splunk, let's say today (March 15, 2021), Splunk will show the event timestamp of today instead of when the actual event took place.
So when I am doing analytics, I can't actually look for when the event took place based on Splunk's timestamps (because Splunk is showing the day of import, not when the event took place): it won't actually be showing me events that took place two years ago.
Splunk would be showing those events that took place two years ago as events that took place today because that's when the events from SailPoint were imported into Splunk.

It sounds like the event date is being set to the index date.
What does your props.conf look like for setting the timestamp?
Based on your comment, you should add the following to the TA's local/props.conf:
TIME_PREFIX=\"created\":
TIME_FORMAT=%s%3N
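
A way to check the result of that setting, as an added example (not code from the post or from the SailPoint plugin): the script applies the same "created": prefix to raw events and compares the embedded time with the _time Splunk assigned. It assumes the value is a 13-digit epoch-milliseconds number; the sample events and every field other than created are constructed.

```python
import re
from datetime import datetime, timedelta, timezone

TIME_PREFIX = re.compile(r'\"created\":')       # regex from the props.conf answer
EPOCH_MS = re.compile(r'\s*"?(\d{13})(?!\d)')   # assumption: 13-digit epoch milliseconds
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)

def extract_event_time(raw):
    """Return the UTC datetime that follows TIME_PREFIX in raw, or None."""
    prefix = TIME_PREFIX.search(raw)
    value = EPOCH_MS.match(raw, prefix.end()) if prefix else None
    if value is None:
        return None
    return EPOCH + timedelta(milliseconds=int(value.group(1)))

def audit(events, tolerance_s=1.0):
    """Compare the _time Splunk assigned with the time embedded in each raw event."""
    findings = []
    for i, ev in enumerate(events):
        created = extract_event_time(ev["_raw"])
        if created is None:
            findings.append((i, "no parsable created value"))
            continue
        drift = abs(ev["_time"] - created.timestamp())
        if drift > tolerance_s:
            findings.append((i, f"_time is {drift / 86400:.0f} days from created"))
    return findings

# Constructed sample events (field names other than "created" are made up).
SAMPLE = [
    # happened 2019-03-15, stamped with the import day 2021-03-15
    {"_raw": '{"action":"login","created":1552608000123,"target":"jdoe"}',
     "_time": 1615766400.0},
    # timestamp extracted correctly
    {"_raw": '{"action":"update","created":1615766100000,"target":"jdoe"}',
     "_time": 1615766100.0},
    # no created attribute at all
    {"_raw": '{"action":"delete","target":"jdoe"}', "_time": 1615766400.0},
]

if __name__ == "__main__":
    for index, reason in audit(SAMPLE):
        print(index, reason)
```

Events flagged here are the ones a time-range search or correlation rule would place on the wrong day, so they are worth re-indexing after the props.conf change.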

Related

Get the client time zone in ssrs

I would like to include the client's time zone next to the date as below:
03/03/2022 CET
The issue is that when I run the report from the server, it works, but when the report is executed on the browser side, it shows Coordinated Universal Time.
I am using the following function to get the time zone but I cannot get it to get the browser time zone:
System.TimeZone.CurrentTimeZone.StandardName
Any idea on how to get this?

Why is my Google App Script running itself without triggers?

I have a short 1 line script to generate a random integer so I can set it up to run with a trigger so that every time an integer is generated my other scripts using it as a reference will update instead of using a cached version.
The problem is it seems to be running by itself without triggers about once every 10 minutes or so and I don't know what is causing it.
This is the code:
function RandomInt()
{
  SpreadsheetApp.getActiveSpreadsheet().getSheetByName("Player List").getRange('B1').setValue(Math.random());
}
It works perfectly except the part about it running by itself.
Edit:
So far I believe I have found out that triggers are per user (I did not know this and couldn't find anything about it, but it might just be common sense). So someone else may have a trigger set up for it because a decent amount of people use the sheet.
I ran the deleteTriggers() script Craig posted at Unable to delete triggers (google-apps-script)
And have not noticed the script running by itself anymore. The value has been the same for the last 30 minutes instead of changing every 10.
Edit2: It seems it was alright at first, it stopped updating itself, but when I added a trigger to update once per hour it started updating it randomly at approximately 10-minute intervals again.
Edit3: I have abandoned trying to figure out what is wrong and decided to do
function Update()
{
  SpreadsheetApp.getActiveSpreadsheet().getSheetByName("Player List").getRange('B1').setValue(new Date().getUTCHours());
}
this instead. It works well with triggers, and even if you set it to shorter intervals it doesn't change the value until the next hour.
Edit4: I have confirmed that the problem was created by someone else's triggers running every 10 minutes, so the script should work fine, not sure how to close this.

modified date changes after upload

I am integrating with the v2 Box REST API from an iOS app.
When I upload a file I cache its modified date (as reported by Box in the return JSON).
Sometime later, I request the folder contents and check the modified date on the file (to see if it's changed since I last uploaded.) Depending upon how long I wait, the modified date changes - wtf!!!
If I request the folder contents immediately (msecs) after upload then the modified date is as it was after upload. If I wait 3 or 4 seconds then the date changes (by 1 second typically.)
Anyone from Box know why this might be - and how to fix it?
I don't know the answer to your particular question, but this caught my eye:
I ... check the modified date on the file (to see if it's changed since I last uploaded.)
If you're primarily concerned with detecting changes, then you might instead consider using the etag or version properties of the file object. They are designed for exactly this purpose.

MS Access On_Current event not firing on very first run of the application

I have an MS Access front end application in which the first form to be opened (a splash screen - the form is opened from the Autoexec Macro) has an on_Load event which sets the timer interval to 0, and an on current event which sets it to 100. The timer event starts the application running (attaching to the backend SQL Server Database etc).
When a fresh copy of the application is copied to a new place - we do that when there is a new release - it gets copied to each user's machine, the very first call of the application acts as though the timer never fires. In other words it appears that the on current event never fires.
I cannot find what is causing it, and my only explanation that I can think of is that in testing the start up just before release, I have set the form so its current record IS the one that is set when the form loads on start up.
Is this true? Is there a situation anyone is aware of where the on_current event doesn't fire for that, or any other reason?
The reason I wait until the on_current event is that the form itself has a data-source which depending on the form filter sets the parameters for different databases to connect to (production v test for instance). A workaround may be to set the timer interval in the on load event - but it opens up to a possible race condition where the timer fires before on_current has set the correct database, and I would prefer to avoid that risk.
On Current fires when you move to a new record. To force it to fire, you might try to move to the last record, then back to the first.

Why does my code produce a different result on occasion in apps-script?

I have a very strange problem. I load my app, switch to the correct tab and then press the button I need to press. This runs a function and when I first load the page it may only provide part of the correct result. However if I wait a few seconds it produces the correct result in full. Any ideas why this might be happening?
Additional Information
The button simply checks through a list of objects returned via ScriptDB. Objects that are valid are displayed and objects that are invalid are not. If the object appears again it updates the text to display how many have been found in the list (e.g. the label would change from "Object A" to "Object A (2)").
It seems to me like it doesn't have the rest of the list somehow as it doesn't always stop at the same object. It's very strange and not something I've experienced before. The other features of my app using ScriptDB work completely regardless of how quickly I use them.
I've figured it out now. I somehow had some erroneous data in the database which was returning a null field. I can only assume that this was from an import that I did last week from a spreadsheet.
This was copied from my comment to show that it has been resolved.