I have log lines stating service up/downtime in several slightly differing human readable formats where the hour and min suffixes can be either hr|hrs and min|mins. For example:
28hrs:22mins:21sec
0hr:22mins:21sec
0hr:0min:21sec
2hrs:0min:21secs
What would be the easiest / most efficient way to extract this field into more conventional format like `HH:MM:SS` (or even to seconds) hopefully using transforms.conf? I think we could do it by extracting the hours, mins and seconds into their own fields and then evaluating into a calculated field? But anything simpler?
↧