https://community.splunk.com/t5/Getting-Data-In/Using-Splunk-s-REST-API-to-build-aggregate-reports-how-do-we/m-p/229121#M44564 <P>Log into the web user interface as the user you are using to pull the reports, and set the user's timezone to CDT.</P> Tue, 28 Jun 2016 12:37:47 GMT jkat54 2016-06-28T12:37:47Z https://community.splunk.com/t5/Getting-Data-In/Using-Splunk-s-REST-API-to-build-aggregate-reports-how-do-we/m-p/229120#M44563 <P>We are using Splunk REST API (search/jobs/export) to build aggregated reports.</P> <P>Splunk server is in EDT, but we want to view the results in CDT. For that, we are using time filters in CDT as <CODE>earliest_time="2016-06-21T09:00:00-05:00" latest_time="2016-06-21T09:59:59-05:00"</CODE>. The searches are running as per time range, but in the result, _time is populating in EDT with a different format like <CODE>2016-06-21 10:00:00.000 EDT</CODE></P> <P>Is there a way to get this _time as per time zone of applied time ranges or any other way to populate _time in a regular Splunk time format like <CODE>2016-06-20T13:00:59.878-04:00</CODE>?</P> Sat, 25 Jun 2016 19:33:54 GMT https://community.splunk.com/t5/Getting-Data-In/Using-Splunk-s-REST-API-to-build-aggregate-reports-how-do-we/m-p/229120#M44563 kpkvarma 2016-06-25T19:33:54Z https://community.splunk.com/t5/Getting-Data-In/Using-Splunk-s-REST-API-to-build-aggregate-reports-how-do-we/m-p/229121#M44564 <P>Log into the web user interface as the user you are using to pull the reports, and set the user's timezone to CDT.</P> Tue, 28 Jun 2016 12:37:47 GMT https://community.splunk.com/t5/Getting-Data-In/Using-Splunk-s-REST-API-to-build-aggregate-reports-how-do-we/m-p/229121#M44564 jkat54 2016-06-28T12:37:47Z