timechart with timezone

vishal1 · ‎09-03-2013

I have executed the command "timechart" and got output in the below formate.
4/1/13 12:00:00.000 AM
5/1/13 12:00:00.000 AM

Excpected Output.
4/1/13 12:00:00.000 AM EDT
5/1/13 12:00:00.000 AM EDT

I need to add timeZone to the output TimeStamp.

Please direct me with the command to get the expected output

HiroshiSatoh · ‎09-04-2013

If you simply need to add a time zone

(ex.)
･････|eval zTime=strftime(_time,"%m/%d/%y %H:%M:%S.%3N %p %Z")

HiroshiSatoh · ‎09-04-2013

Display did not change even if conversion and end up in the _time field name. Is it useless in another field?

(ex.)
･････|timechart span=1h count|eval ztime=strftime(_time,"%y/%m/%d %H:%M:%S.%3N %p %Z") | fields + ztime,count|fields - _time

vishal1 · ‎09-04-2013

I want to use the timechart command so that i can view data/per day.

Please guide me how i can add timeZone using "timechart" command

Join the Conversation