Splunk Search
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

table export displays different date format

voltaireb
New Member
‎11-04-2011 03:51 PM

Hi All, If I create a custom report using a table, the date displays and outputs in the browser fine:
11/1/11 5:35:20.000 PM

However, when I export the custom report to CSV, the date does not display as the browser:
2011-11-01T17:35:20.000-05:00

Any idea how I can get the CSV date to appear like what's displayed in the browser?

0 Karma
Reply

obesechicken13
Explorer
‎11-30-2012 12:02 PM

I think this occurs when you create a time chart and export that data. I don't think you can add a field to a timechart just like that.
timechart count by domain,_time
returns _time not valid.

You can go to excel and convert the date manually.

So as an example you can use the datevalue or date functions in excel.
datevalue("2012-11-30")+B2/24
when 2012-11-30 is the first date of your splunk data
and your data has a span of an hour (24)
and column B in excel is a bunch of numbers starting from 0 and incrementing by 1 every row down.

0 Karma
Reply

DanielBC
Explorer
‎03-19-2012 11:51 AM

You can add an additional formatted time field to your query to format the date/time into something a little easier to read with: '| convert ctime(_time) as time'

When you export the data you can remove the _time field from the CSV and use the new 'time' field instead.

0 Karma
Reply
Get Updates on the Splunk Community!

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...

Index This | When is October more than just the tenth month?

October 2025 Edition  Hayyy Splunk Education Enthusiasts and the Eternally Curious!   We’re back with this ...

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...