The end of the time range is the beginning of the current minute. Here's an example of using a time range in a search that goes back 5 minutes, snapping to the beginning of the minute. For example, if it is 11:59:00 and you "snap to" using hours, you will snap to 11:00 not 12:00.
#FIND FILES BY DATE RANGE SOFTWARE#
When snapping to a time, Splunk software always '''snaps backwards''' or rounds down to the latest time that is not after the specified time.
Specifying a narrow time range is a great way to filter the data in your dataset and to avoid producing more results than you really need.
When you create a search, try to specify only the dates or times that you're interested in.