{"id":50296,"date":"2022-01-21T15:27:50","date_gmt":"2022-01-21T15:27:50","guid":{"rendered":"https:\/\/merikebi.warrenmyers.com\/?p=50296"},"modified":"2022-01-21T15:27:50","modified_gmt":"2022-01-21T15:27:50","slug":"answer-by-warren-for-splunk-extract-string-and-convert-it-to-date-format","status":"publish","type":"post","link":"https:\/\/merikebi.warrenmyers.com\/?p=50296","title":{"rendered":"Answer by warren for Splunk: Extract string and convert it to date format"},"content":{"rendered":"

Check out strftime.org, and the related strptime<\/code> function<\/a> used with eval<\/code><\/a><\/p>\n

Something on the order of this (pulled the microseconds out of your rex<\/code><\/a>, since Unix epoch time has no concept of subsecond intervals):<\/p>\n

| rex field=_raw "timeStamp\\>(?<timeStamp>[^\\.]+)\\.\\d+Z"\n| eval unixepoch=strptime(timeStamp,"%Y-%m-%dT%H:%M:%S")\n<\/code><\/pre>\n
from User warren – Stack Overflow https:\/\/stackoverflow.com\/questions\/70802593\/splunk-extract-string-and-convert-it-to-date-format\/70803673#70803673
\nvia IFTTT<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Check out strftime.org, and the related strptime function used with eval Something on the order of this (pulled the microseconds out of your rex, since Unix epoch time has no concept of subsecond intervals): | rex field=_raw "timeStamp\\>(?<timeStamp>[^\\.]+)\\.\\d+Z" | eval unixepoch=strptime(timeStamp,"%Y-%m-%dT%H:%M:%S") from User warren – Stack Overflow https:\/\/stackoverflow.com\/questions\/70802593\/splunk-extract-string-and-convert-it-to-date-format\/70803673#70803673 via IFTTT<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4],"tags":[991],"keyring_services":[],"class_list":["post-50296","post","type-post","status-publish","format-standard","hentry","category-blih","tag-stackexchange"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/posts\/50296","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=50296"}],"version-history":[{"count":1,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/posts\/50296\/revisions"}],"predecessor-version":[{"id":50297,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=\/wp\/v2\/posts\/50296\/revisions\/50297"}],"wp:attachment":[{"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=50296"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=50296"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=50296"},{"taxonomy":"keyring_services","embeddable":true,"href":"https:\/\/merikebi.warrenmyers.com\/index.php?rest_route=%2Fwp%2Fv2%2Fkeyring_services&post=50296"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}