Refine your search:

After upgrade to 4.3.1 date format changed

0

After upgrading from 4.3 to 4.3.1, I have a few log files that splunk has changed the date format from month/day/year to year/month/day. The log files that have changed are being forwarded from splunk 4.3 full (not the universal forwarder) to my splunk index server which is the one I upgraded to 4.3.1. In an effort to resolve the issue I upgraded the forwarder to 4.3.1, but this did not fix the issue.

The log files have always been Y/M/D format and up until the upgrade Splunk had parsed these as M/D/Y without any changed using the syslog template.

asked 08 Mar '12, 08:18

mwdavisrbc's gravatar image

mwdavisrbc
1
accept rate: 0%

edited 08 Mar '12, 09:51

Be the first one to answer this question!
toggle preview

Follow this question

Log In to enable email subscriptions

RSS:

Answers

Answers + Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Tags:

×72
×11

Asked: 08 Mar '12, 08:18

Seen: 560 times

Last updated: 08 Mar '12, 09:51

Related questions

After upgrade, Splunk can no longer read evt files

SSO Broken after Upgrade to 4.3.1

Palo Alto App after upgrade to 4.3.1

After upgrade 4.3.1 -> 4.3.3, some dashboards broken

Splunk CPU Usage Spike after upgrade to 5.0.1

Date format

Upgrade issue 4.1.2 to 4.3.1 Windows...

Splunk date format different to event date format

upgrading to 4.3.1 -help

Copyright © 2005-2012 Splunk Inc. All rights reserved.