Hi
How to convert the date format from the active directory to epoch time?
date format:
2016-10-23T05:00:00Z
I tried:
....|eval endDate= strptime(accountExpires,"%Y-%m-%dT%H:%M:%SZ")
but it's not showing anything.
Try this
| makeresults | eval accountExpires="2016-10-23T05:00:00Z"|eval endDate= strptime(accountExpires,"%Y-%m-%dT%H:%M:%S") | eval x=strftime(endDate, "%Y-%m-%dT%H:%M:%S") | table accountExpires endDate x
View solution in original post
