Find centralized, trusted content and collaborate around the technologies you use most.
Teams
Q&A for work
Connect and share knowledge within a single location that is structured and easy to search.
我需要 Splunk 查询来获取源类型的最大索引时间戳或最新索引时间戳。
请帮忙,因为我被困在这里很长时间了。
非常感谢您的帮助。
谢谢
这应该这样做。
| tstats latest(_time) where index=* by sourcetype