What does the following specified time range do? earliest=-72h@h latest=@d

The specified time range of earliest=-72h@h and latest=@d is used to define a specific time window for search queries. The notation "earliest=-72h@h" indicates that the search should begin from 72 hours ago, rounded down to the nearest hour, which means the search starts from exactly that time three days ago at the top of the hour. The "latest=@d" notation signifies that the search should end at the beginning of the current day, meaning it includes all data collected until 12:00 AM today.

This means the search retrieves data from the exact point three days ago, up to the very start of today, effectively including all data from that 72-hour period without including any data from today itself. Thus, it accurately describes the time range as looking back from 3 days ago, up to the beginning of today.