Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to get the right time?

veveok
Engager
‎05-04-2022 07:41 PM

my log appear:

 

1;1;laptop-rdvt90t4;http://update-software.xxx.com/WeatherFix03_SP03120.exe;C:\Windows\SysWOW64\DynamicWeather.exe;NT AUTHORITY\SYSTEM;2022-05-02 09:23:25;192.168.1.8;;;

1;1;laptop-rdv7446p;http://update-software.xxx.com/qatherFixP00190.exe;C:\Windows\SysWOW64\Der.exe;ScWhJ\lizonghao;2022-05-02 09:25:27;192.168.1.8;;;

I use :strptime()  %H:%M:%S , and reg “202\d+-\d+\-\d+\s” to get the time,

2.jpg

 

but it look like wrong。

like this pic.

 

1.jpg

 

how to write this reg to get the  time?

 

Labels (1)
Labels
Tags (1)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

veveok
Engager
‎05-04-2022 10:39 PM

it works with:

%Y-%m-%d %H:%M:%S

and

^(?:[^;]*\;){10}\s*

 

 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

veveok
Engager
‎05-04-2022 10:39 PM

it works with:

%Y-%m-%d %H:%M:%S

and

^(?:[^;]*\;){10}\s*

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Combine Multiline Logs into a Single Event with SOCK - a Guide for Advanced Users

This article is the continuation of the “Combine multiline logs into a single event with SOCK - a step-by-step ...

Everything Community at .conf24!

You may have seen mention of the .conf Community Zone 'round these parts and found yourself wondering what ...

Index This | I’m short for "configuration file.” What am I?

May 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with a Special ...