Use this scalar function with the eval or the filter streaming functions.įunction Input timestamp: string format: string time_zone: string Function Output long If timezone is set to null, then UTC is used. This function takes three arguments: a timestamp X, a time format Y, and a timezone Z. This function parses a date string into a UNIX timestamp. | eval formatted_time=strftime(time_zone: "null", time: timestamp, format: "%H:%M:%S", ) strptime(timestamp, format, time_zone) If the timestamp field value is 1586541874588, then the value returned in the formatted_time field is 18:04:34. Returns the hour, minute, and seconds from the timestamp field in timezone UTC. Arguments Function Input time: long format: string time_zone: string Function Output long SPL2 examples The following time variables are not supported: %c, %+, %Ez, %X, %x, %w, %s. Use these common data and time format variables to specify the time-format Y that you want X to be formatted to. Use the first 13 digits of a UNIX time to use the time in milliseconds. ' 11:22:33', into epoch, with the string being described by Y. This function takes three arguments: a UNIX time X, a time-format Y, and a timezone Z, and returns X using the format specified by Y in timezone Z. strptime (X,Y) will convert a string X, e.g. This function formats a UNIX timestamp into a human-readable timestamp. | eval n=relative_time(time_zone: "GMT-0700", time: timestamp, modifier: format, time_zone) When working in the SPL View, you can write the function by using the following syntax. The following example determines the UNIX time value of the start of the hour, based on the value of timestamp, rounded down to the GMT time zone. Use this scalar function with the eval or the filter streaming functions.įunction Input time: long modifier: string time_zone: string Function Output long SPL2 examples For more information on snap-to-time and examples of relative time modifiers, see specify time modifiers in your search. If you do not want to round to a specific time zone, you can set the timezone field to null. For example, if your UNIX time corresponds to Monday 10pm PST and Tuesday 1am EST, then specifying a timezone allows you to select an accurate date that you want to round down to. This function takes three arguments: a UNIX time X, a relative time modifier Y, and a timezone Z, and returns the UNIX time value of Y applied to X rounded according to Z.īecause of the way that timezones are snapped, you must specify a timezone to determine how your time gets rounded down. Date and Time relative_time(time, modifier, time_zone)
0 kommentar(er)
