So I have the following search:

Index="Cyber" sourcetype=Response queue = "Incident" status ="resolved"  | dedup ticket

     | table Date_Created, Acknowledge_Date 
     | eval epoch1=strptime(Date_Created,"%Y-%m-%d %H:%M:%S") 
     | convert timeformat="%Y-%m-%d %H:%M:%S" mktime(Date_Created) as epochDateCreated
     | eval epoch2=strptime(Acknowledge_Date,"%Y-%m-%d %H:%M:%S")
     | convert timeformat="%Y-%m-%d %H:%M:%S" mktime(Acknowledge_Date) as epochAck
     | eval Diff=(epochAck-epochDateCreated)

     |stats avg(Diff)

I now have an average time it takes to acknowledge an incident in epoch format. However, I cannot use Strftime once the figure has already been averaged. Is there a way around this?