Solved: How to convert epoch timestamp to readable date fo...

tattoostreet · ‎07-15-2014

Hi,

I am browsing information on one of our ticketing server databases, however, when I try to show table contents, it shows a weird format of date like the one below. Can anyone help how I can fix this? Thanks!

SystemLogID: 1713

CreatedDate: 1405343596.040

UserID: XX

Actions: XX

IsActive: XX

TicketID: XXXX

martin_mueller · ‎07-15-2014

That's an epoch timestamp, seconds.milliseconds since 1970. You can convert that to a readable format by appending this to your search:

... | fieldformat CreatedDate = strftime(CreatedDate, "%F %T.%3N")

View solution in original post

martin_mueller · ‎07-15-2014

That's an epoch timestamp, seconds.milliseconds since 1970. You can convert that to a readable format by appending this to your search:

... | fieldformat CreatedDate = strftime(CreatedDate, "%F %T.%3N")

sunnyparmar · ‎06-02-2015

Thanks.. It's work in my case..

bluemarvel · ‎08-04-2016

works thank you

brigancc · ‎12-08-2015

My Epoch timestamp was something like this

StartTime=1449559286189
EndTime=1449577678580

So dividing it by 1000 did the trick

eval StartTime=StartTime/1000, EndTime=EndTime/1000 | fieldformat StartTime=strftime(StartTime, "%F %T.%3N") | fieldformat EndTime=strftime(EndTime, "%F %T.%3N")

muralianup · ‎12-02-2015

Or you can create a macro as well.

How to convert epoch timestamp to readable date format?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...