Solved: How to convert time to epoch time?

knalla · ‎07-23-2018

How to convert time to epoch time? What the best approach for this one?

Mon 07/23/2018 17:19:01.89

MuS · ‎07-23-2018

Hi knalla,

try this run everywhere search:

 | makeresults 
 | eval myTimeString="Mon 07/23/2018 17:19:01.89", _time=strptime(myTimeString, "%a %m/%d/%Y %H:%M:%S.%2N"), epoch=_time

This will parse your string and creates _time which will be shown human readable in Splunk, and epoch as an epoch time. Read more about strptime() here http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Commontimeformatvariables

Hope this helps ...

cheers, MuS

MuS · ‎07-23-2018

Hi knalla,

try this run everywhere search:

 | makeresults 
 | eval myTimeString="Mon 07/23/2018 17:19:01.89", _time=strptime(myTimeString, "%a %m/%d/%Y %H:%M:%S.%2N"), epoch=_time

This will parse your string and creates _time which will be shown human readable in Splunk, and epoch as an epoch time. Read more about strptime() here http://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Commontimeformatvariables

Hope this helps ...

cheers, MuS

How to convert time to epoch time?