Solved: How to change the _time text in the table?

renanprado96 · ‎05-30-2016

How to change the _time text in the table?

How to change in _time of "2016-04-01" to "first week", for example.

Thank You

woodcock · ‎05-30-2016

Just add this:

| fieldformat _time = "week " . strftime(_time, "%U")

View solution in original post

woodcock · ‎05-30-2016

Just add this:

| fieldformat _time = "week " . strftime(_time, "%U")

renanprado96 · ‎05-30-2016

Its Possible to change the week number for the month?
Of 1-5?

Days 1-7 - week 1
Days 8-14 - week 2
Days 15-21 - week 3
Days 22-28 - week 4 
Days 29-31 - week 5

ddrillic · ‎05-30-2016

strftime

doesn't have such an option, only the week of the year...

woodcock · ‎05-31-2016

Like this:

| fieldformat _time = case((tonumber(strftime(_time, "%d")) <= 7),  "1",
                           (tonumber(strftime(_time, "%d")) <= 14), "2",
                           (tonumber(strftime(_time, "%d")) <= 21), "3",
                           (tonumber(strftime(_time, "%d")) <= 28), "4",
                                                            true(), "5")

renanprado96 · ‎05-31-2016

Thank you!!!
Have a good day..

How to change the _time text in the table?

Webinar Recap | Revolutionizing IT Operations: The Transformative Power of AI and ML ...

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor