About PavelProstine

kamlesh_vaghela · ‎01-22-2020

Just twisting @vnravikumar 's answer. @manurajrajappan Can you please try this? YOUR_SEARCH | eval diff = strptime(Previous_Time, "%Y-%m-%dT%H:%M:%S.%9N%Z") -strptime(New_Time, "%Y-%m-%dT%H:%M:%S.%9N%Z") | where diff >3 | fieldformat diff = tostring(diff, "duration") | table New_Time, Previous_Time, diff Sample: | makeresults | eval New_Time="2020-01-22T03:17:36.385000000Z",Previous_Time="2020-01-22T03:17:39.388208200Z" | rename comment as "Upto this is for data generation only" | eval diff = strptime(Previous_Time, "%Y-%m-%dT%H:%M:%S.%9N%Z") -strptime(New_Time, "%Y-%m-%dT%H:%M:%S.%9N%Z") | where diff >3 | fieldformat diff = tostring(diff, "duration") | table New_Time, Previous_Time, diff

hfernandez_ · ‎01-16-2020

Ok, I implemented the changes and it worked. I appreciate the help. PavelProstine you're AWESOME!!!

Posts	3
Solutions	2
Karma Given	1
Karma Received	2
Member Since	‎08-31-2019

Online Status	Offline
Date Last Visited	‎06-05-2020 02:04 AM

Re: How to find time difference between below time...

Re: Regex help - Cisco WSA syslog data

Join the Conversation

Re: How to find time difference between below time...

Re: Regex help - Cisco WSA syslog data