to_float

Cortex XDR XQL to_float() function converts a string to a floating point number.

Synopsis

to_float(
<string>
)

Description

The
to_float()
function converts a string that represents a number to a float.

Examples

Display the first 10 IP addresses that begin with a value greater than
192
. Use the split function to split the IP address by '.', and then use the arrayindex function to retrieve the first value in the resulting array. Convert this to a number and perform an arithmetic compare to arrive at a result set.
dataset = xdr_data | fields action_local_ip as alii | filter to_float(arrayindex(split(alii, "."),0)) > 192 | limit 10

Recommended For You