Splunk SOAR
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to convert to date time from Epoch?

JoshiSri
Explorer
‎04-07-2023 02:36 AM

I have a field named start_time on an artifact, and trying to send a mail to a team. But if I just choose the API name, it send the epoch time. It needs to be in the Readable format. Any child playbook or custom function for it please

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

JoshiSri
Explorer
‎04-19-2023 03:06 AM

I had taken a look at it and it wont work the way it should, Instead I created a new custom code only one to convert the date format. Thanks Anyways

View solution in original post

0 Karma
Reply
Solved! Jump to solution

phanTom
SplunkTrust
SplunkTrust
‎04-11-2023 01:13 AM

@JoshiSri there is a datetime_modify community custom function that may help:

phanTom_0-1681200755408.png


-- If this helped please mark as a solution! Happy SOARing!

0 Karma
Reply
Solved! Jump to solution
Solution

JoshiSri
Explorer
‎04-19-2023 03:06 AM

I had taken a look at it and it wont work the way it should, Instead I created a new custom code only one to convert the date format. Thanks Anyways

0 Karma
Reply
Solved! Jump to solution

prasanthkota
Engager
‎07-13-2023 11:22 PM

Hello Joshi,

 

We are having a similar issue. Is it possible to share the custom code?

0 Karma
Reply
Solved! Jump to solution

ITWhisperer
SplunkTrust
SplunkTrust
‎04-07-2023 11:57 AM

Use the strftime() function to convert an epoch time to a readable format.

strftime 

Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎04-07-2023 12:56 PM

It's a Splunk SOAR (formerly Phantom) forum. I'm pretty sure SPL commands and functions don't work there 😉

 

Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...