to_integer

Cortex XDR XQL to_integer() function converts a string to an integer.

Synopsis

to_integer(
<string>
)

Description

The
to_integer()
function converts a string that represents a number to an integer.
It is an error to provide a string to this function that contains a floating point number.

Examples

Display the first 10 IP addresses that begin with a value greater than
192
. Use the split function to split the IP address by '.', and then use the arrayindex function to retrieve the first value in the resulting array. Convert this to a number and perform an arithmetic compare to arrive at a result set.
dataset = xdr_data | fields action_local_ip as alii | filter to_integer(arrayindex(split(alii, "."),0)) > 192 | limit 10

Recommended For You