Exam4Training

Which monitor stanza would be used to collect data 45 days old and newer from that log file?

A log file contains 193 days worth of timestamped events .

Which monitor stanza would be used to collect data 45 days old and newer from that log file?
A . followTail = -45d
B . ignore = 45d
C . includeNewerThan = -35d
D . ignoreOlderThan = 45d

Answer: D

Explanation:

Reference: https://docs.splunk.com/Documentation/Splunk/8.2.1/Data/Configuretimestamprecognition

Exit mobile version