All this is happening in Splunk 6.6.2:

I have a relatively complex form, with a timechart and a drilldown from it selection to the data table below it. I wanted to show the time interval in a table title, and tried using $start$ and $end$ (saving them in some external tokens within <selection> - to be used in <earliest> and <latest> tags of the data table search, as well as displayed in the title) for that. I also tried to use $job.earliestTime$ and $job.latestTime$ from inside <progress> tag to save them into the tokens referenced in the title.

Unfortunately, this shows the time either as -8h (if I pick "8 hours ago" from the time picker and don't make a selection within the time chart) or as an integer like 1527835260. "No big deal", I thought and slapped an <eval token="earliest_for_display">strftime($start$,"%F %T")</eval> within the timechart's <selection>. Then I tried the same with $job.earliestTime$ inside data table search's <progress> instead of $start$.

It seems that the eval never even tried to execute. I ended up pre-setting those tokens with "Earliest: not set yet" and "Latest: not set yet" within the form's <init> - and they never changed.

As a side note - might be helpful to some: simple strftime will not work with relatives like @d, -24h or now, so I came up with the following construct:

<eval token="earliest_for_display">strftime(case(
$job.earliestTime$=="now",now(),
match(tostring($job.earliestTime$),"^[-+@]"),relative_time(now(),$job.earliestTime$),
match(tostring($job.earliestTime$),"^\d{4}-"),strptime($job.earliestTime$,"%FT%T.%3N%:z"),
1==1,$job.earliestTime$),"%F %T")</eval>

That "^\d{4}-" is for the times I get from <selection> - they seem to be returned in that "%FT%T.%3N%:z" format.