Skip to main content
Skip table of contents

Configuring the PowerConnect Cloud Agent to Extract Timestamps

Overview

The PowerConnect Cloud agent can be configured to extract timestamps from the source events. By default the Inputs assign the _time field in Splunk to the timestamp when the event was collected. This behaviour can be modified so an Input assigns the _time field to a timestamp from the source event instead.

Note - currently in version 1.0.8 only the CPI message input supports timestamp extract but others will be supported in the next version 1.0.9.

Configuring a Timestamp for an Input

  • Whilst creating an Input or editing an existing Input click on the Timestamp tab

  • In the Timestamp Field dropdown choose a field from the event to use as the _time field in Splunk. Only fields mapped as Date/Timestamps will be shown

  • Click Save

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close