time
Subcommands
| Subcommand | Description | Syntax |
|---|---|---|
now | Returns the current date and time | now() |
strftime | Formats a timestamp into a string | strftime(<expr>, <expr>) |
strptime | Attempts to parse a string into a timestamp | strptime(<expr>, <expr>) |
Examples
now
| eval now=now()
strftime
Example to get the current year:
| eval year=strftime(now(), "%Y")
strptime
The parsing format must include timezone information:
| eval
time=strptime("1970-01-01T00:00:00Z", "%+")
time2=strptime("1970-01-01T00:00:00+0000", "%Y-%m-%dT%H:%M:%S%z")