We are using Splunk REST API (search/jobs/export) to build aggregated reports.
Splunk server is in EDT, but we want to view the results in CDT. For that, we are using time filters in CDT as earliest_time="2016-06-21T09:00:00-05:00" latest_time="2016-06-21T09:59:59-05:00" . The searches are running as per time range, but in the result, _time is populating in EDT with a different format like 2016-06-21 10:00:00.000 EDT
Is there a way to get this _time as per time zone of applied time ranges or any other way to populate _time in a regular Splunk time format like 2016-06-20T13:00:59.878-04:00 ?
... View more