This was a good poar. I thought I had to subtract seconds in order to look at previous weeks. But i see now that doing this:
| eval futureTime=relative_time(_time, "-7d") | fieldformat futureTime=strftime(futureTime,"%Y-%m-%d %H:%M:%S")|

Gets me where I need to be as well AND looks a little cleaner. I found plenty of references to strftime but this is the first i've seen the "relative_time" command as well as the format for 7d, 1mon, etc in a query like that.

Thanks again 🙂

Hi Thanks for the quick response . Much appreciate .

I tried something similar using eval function :
eval time =strftime (relative_time(_time, "+1mon"),"%Y%m%d %H:%M:%S")

if i add one month to " 31 May 2016 at 6:44:30 p.m." it gives me "20160701 18:44:30"

Where as it should be:" Thursday, 30 June 2016 at 6:44:30 p.m"

Can you please advise what am I doing wrong ?

Thanks in advance

First, the easy part. The difference between your current output and expected output is in the strftime format string. Try %A, %d %B %Y at %I:%M:%S %p.

As for the result of relative, I don't have the answer, but I do have a theory. It looks like relative_time(_time, +1mon) adds the number of days in the month specified in _time. So '31 May 16' jumps ahead 31 days to 1 July 16 because May is 31 days long, whereas '30 Apr 16' jumps ahead 30 days to '30 May 16' because April is only 30 days long. Regrettably, I don't have a good workaround for this.

Thank you very much !!! . my formatting is all good .

If your problem is solved then please accept the answer.