Splunk SOAR (f.k.a. Phantom)
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to convert to date time from Epoch?

JoshiSri
Explorer
‎04-07-2023 02:36 AM

I have a field named start_time on an artifact, and trying to send a mail to a team. But if I just choose the API name, it send the epoch time. It needs to be in the Readable format. Any child playbook or custom function for it please

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

JoshiSri
Explorer
‎04-19-2023 03:06 AM

I had taken a look at it and it wont work the way it should, Instead I created a new custom code only one to convert the date format. Thanks Anyways

View solution in original post

0 Karma
Reply
Solved! Jump to solution

phanTom
SplunkTrust
SplunkTrust
‎04-11-2023 01:13 AM

@JoshiSri there is a datetime_modify community custom function that may help:

phanTom_0-1681200755408.png


-- If this helped please mark as a solution! Happy SOARing!

0 Karma
Reply
Solved! Jump to solution
Solution

JoshiSri
Explorer
‎04-19-2023 03:06 AM

I had taken a look at it and it wont work the way it should, Instead I created a new custom code only one to convert the date format. Thanks Anyways

0 Karma
Reply
Solved! Jump to solution

prasanthkota
Engager
‎07-13-2023 11:22 PM

Hello Joshi,

 

We are having a similar issue. Is it possible to share the custom code?

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎04-07-2023 11:57 AM

Use the strftime() function to convert an epoch time to a readable format.

strftime 

Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎04-07-2023 12:56 PM

It's a Splunk SOAR (formerly Phantom) forum. I'm pretty sure SPL commands and functions don't work there 😉

 

Reply
Get Updates on the Splunk Community!

Thanks for the Memories! Splunk University, .conf24, and Community Connections

Thank you to everyone in the Splunk Community who joined us for .conf24 – starting with Splunk University and ...

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...