[UPDATED]
If the requirement is to convert seconds to Days Hour Minute Second format tostring() evaluation conversion function can be used.
@WXY, please try the following run anywhere search which generates one sample event with fields StartTime and EndTime ( |makeresults till eval StartTime="2018/5/31 8:25:45"... generates dummy Date values as per the question).
| makeresults
| fields - _time
| eval StartTime="2018/5/31 8:25:45", EndTime="2018/5/31 8:25:47"
| eval StartTime=strptime(StartTime,"%Y/%m/%d %H:%M:%S"),EndTime=strptime(EndTime,"%Y/%m/%d %H:%M:%S")
| eval duration=EndTime-StartTime
| fieldformat StartTime=strftime(StartTime,"%Y/%m/%d %H:%M:%S")
| fieldformat EndTime=strftime(EndTime,"%Y/%m/%d %H:%M:%S")
Pipe the following after | eval duration to convert to Days+ HH:MM:SS format:
| eval durationString=tostring(duration,"duration")
____________________________________________
| makeresults | eval message= "Happy Splunking!!!"
