Solved: Issue with strptime

sethinkbold · ‎05-05-2020

I am trying to convert a date / time into 24 hour format using strptime. Here's the example:
OpenedAt = 5/4/2019 9:04:46 PM

I convert it to epoch using the following statement:
eval new_time=strptime(OpenedAt,"%m/%d/%Y %H:%M:%S %p")

When I test it again, it still dosn't show in 24 hour format:
eval new_time2=strftime(new_time,"%m/%d/%Y %T")

05/04/2019 09:04:46

vnravikumar · ‎05-05-2020

Hi

Check this

| makeresults 
| eval date="5/4/2019 9:04:46 PM",new_date=strftime(strptime(date,"%d/%m/%Y %I:%M:%S %p"),"%d/%m/%Y %H:%M:%S")

View solution in original post

to4kawa · ‎05-05-2020

| makeresults 
| eval OpenedAt ="5/4/2019 9:04:46 PM" 
| eval new_time=strptime(OpenedAt,"%m/%d/%Y %I:%M:%S %p") 
| eval new_time2=strftime(new_time,"%m/%d/%Y %T")

see reference.
https://docs.splunk.com/Documentation/Splunk/latest/SearchReference/Commontimeformatvariables

vnravikumar · ‎05-05-2020

Hi

Check this

| makeresults 
| eval date="5/4/2019 9:04:46 PM",new_date=strftime(strptime(date,"%d/%m/%Y %I:%M:%S %p"),"%d/%m/%Y %H:%M:%S")

Issue with strptime

eval

Application management with Targeted Application Install for Victoria Experience

Index This | What goes up and never comes down?

Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination

Join the Conversation

Issue with strptime

eval

Application management with Targeted Application Install for Victoria Experience

Index This | What goes up and never comes down?

Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination