Splunk Search

Can you help me convert a timestamp to another timestamp?

New Member

Hi all,

I need to convert this timestamp

2019-03-13T00:35:10+0100

to this

13-03-2019 00:35:10

How can I do this?

0 Karma
1 Solution

SplunkTrust
SplunkTrust

try this everywhere:

| makeresults count=1
| eval time = "2019-03-13T00:35:10+0100"
| eval time_epoch = strptime(time, "%Y-%m-%dT%H:%M:%S")
| eval desired_time_format = strftime(time_epoch, "%d-%m-%Y %H:%M:%S")

hope it helps

View solution in original post

0 Karma

SplunkTrust
SplunkTrust

try this everywhere:

| makeresults count=1
| eval time = "2019-03-13T00:35:10+0100"
| eval time_epoch = strptime(time, "%Y-%m-%dT%H:%M:%S")
| eval desired_time_format = strftime(time_epoch, "%d-%m-%Y %H:%M:%S")

hope it helps

View solution in original post

0 Karma

New Member

Thanks @adonio,

I solved using

| eval Last_Event_Time = strptime(Last_Event_Time, "%Y-%m-%dT%H:%M:%S") 
| eval Last_Event_Time = strftime(Last_Event_Time, "%d-%m-%Y %H:%M:%S")

Best Regards

0 Karma

SplunkTrust
SplunkTrust

@ElBorni96
kindly accept the answer so others will know it works for you

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!