Hello,
I have my data in the below format :
314 888 abcd 98 2013-07-09-08.01.41.00
514 888 abcd 98 2013-07-07-08.01.42.00
364 888 abcd 98 2013-01-02-10.01.46.00
394 888 abcd 98 2013-07-02-11.01.48.00
I am trying to sort my records based on the 5th column time stamp (which is not the ingestion time stamp) .
Can you please help me with it?
Hopefully, you have created the appropriate fields for your data. For the answer below, I assume that the 5th field is called timestamp
yoursearchhere
| eval ts = strftime(timestamp,"%Y-%m-%d-%H.%M.%S.%2N")
| sort ts
Thanks lguinn ...it works 🙂