Time format conversion from UTC to SGT time

NitishUa · ‎10-22-2023

Hi Team,

I'm currently receiving AWS CloudWatch logs in Splunk using the add-on. I'm developing a use case and need to utilize the "event Time" field from the logs. I require assistance in converting the event Time from UTC to SGT.

Sample event Time is in UTC +0

2023-06-30T17:17:52Z

2023-06-30T21:29:53Z

2023-06-30T22:32:53Z

2023-07-01T00:38:53Z

2023-07-01T04:50:52Z

2023-07-01T05:53:55Z

2023-07-01T06:56:54Z

2023-07-01T07:59:52Z

2023-07-01T09:02:56Z

2023-07-01T10:05:54Z

2023-07-01T11:08:53Z

2023-07-01T12:11:53Z

End result: UTC + 0 to SGT + 8 time.

Expected output format is "%Y-%m-%d %H:%M:%S"

gcusello · ‎10-22-2023

Sorry,

but SGT+8 corresponds to UTC.

If you want to chenge the time format from the displayed to "%Y-%m-%d %H:%M:%S" you should use eval with the time functions:

| eval Time=strftime(_time,"%Y-%m-%d %H:%M:%S")

Ciao.

Giuseppe

NitishUa · ‎10-22-2023

Will this change the timezone in the output to SGT?

We want the output to be shifted to SGT and then formatted to "%Y-%m-%d %H:%M:%S"

Time format conversion from UTC to SGT time

Congratulations to the 2025-2026 SplunkTrust!

[Puzzles] Solve, Learn, Repeat: Nested loops in Event Conversion

Your Guide to Splunk Digital Experience Monitoring

Join the Conversation

Time format conversion from UTC to SGT time

Congratulations to the 2025-2026 SplunkTrust!

[Puzzles] Solve, Learn, Repeat: Nested loops in Event Conversion

Your Guide to Splunk Digital Experience Monitoring