Time format conversion from UTC to SGT time

NitishUa · ‎10-22-2023

Hi Team,

I'm currently receiving AWS CloudWatch logs in Splunk using the add-on. I'm developing a use case and need to utilize the "event Time" field from the logs. I require assistance in converting the event Time from UTC to SGT.

Sample event Time is in UTC +0

2023-06-30T17:17:52Z

2023-06-30T21:29:53Z

2023-06-30T22:32:53Z

2023-07-01T00:38:53Z

2023-07-01T04:50:52Z

2023-07-01T05:53:55Z

2023-07-01T06:56:54Z

2023-07-01T07:59:52Z

2023-07-01T09:02:56Z

2023-07-01T10:05:54Z

2023-07-01T11:08:53Z

2023-07-01T12:11:53Z

End result: UTC + 0 to SGT + 8 time.

Expected output format is "%Y-%m-%d %H:%M:%S"

gcusello · ‎10-22-2023

Sorry,

but SGT+8 corresponds to UTC.

If you want to chenge the time format from the displayed to "%Y-%m-%d %H:%M:%S" you should use eval with the time functions:

| eval Time=strftime(_time,"%Y-%m-%d %H:%M:%S")

Ciao.

Giuseppe

NitishUa · ‎10-22-2023

Will this change the timezone in the output to SGT?

We want the output to be shifted to SGT and then formatted to "%Y-%m-%d %H:%M:%S"

Time format conversion from UTC to SGT time

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you a member of the Splunk Community?

Time format conversion from UTC to SGT time

Can’t make it to .conf25? Join us online!

Community Content Calendar, September edition

Splunkbase Unveils New App Listing Management Public Preview

Leveraging Automated Threat Analysis Across the Splunk Ecosystem