Time format for 2016-25-11T00:00:0019:47:00

Thuan · ‎11-02-2016

Hi
the string "2016-25-11T00:00:0019:47:00" represents the time stamp in a logfile. I can figure that
2016-25-11 is %Y-%m-%d in strptime format
T represents the start of the time section
but what is the remaining string " T00:00:0019:47:00" in terms of strptime => T%H:%M: and what else?
Can you explain what is 0019:47:00? What is the format used here in terms of seconds, milliseconds, etc.
I need to extract the time stamp. Thank you.

DalJeanis · ‎03-12-2018

This is almost certain to be caused by some prior process misunderstanding the data that it was transforming, and putting the mm and dd in the wrong place.

Literally NO ONE uses yyyy-dd-mm, so it has to be a mistake.

Better to go back and get the prior translation process corrected to put out valid yyyy-mm-dd format.

gcusello · ‎11-03-2016

Hi Thuan,
at first %Y-%m-%d isn't correct (month and day are reversed!), every way, I don't know the meaning of your log but I think that your format could be:

%Y-%d-%mT00:00:00%H:%M:%S

Bye.
Giuseppe

horsefez · ‎11-03-2016

Hi Thuan,

could it be that these are two timestamps joined together in a wierd way?
Like 00:00:00 and 19:47:00, just without a space between them.

What application is this log from?
Maybe the application doesn't utilize those fields for whatever reason.

Could you show us examples from the logs where the sequence "00:00:00" after "T" isn't all zeros?

Time format for 2016-25-11T00:00:0019:47:00

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?