1. Home
    2. Cortex
    3. Cortex XDR
    4. Cortex XDR™ XQL Language Reference
    5. XQL Functions Reference
    6. to_timestamp

    to_timestamp

    Cortex XDR XQL to_timestamp() function converts an integer to a timestamp.

    Synopsis

    to_timestamp (<
    integer
    >, <
    units
    >)

    Description

    The
    to_timestamp()
     function converts an integer to a timestamp. This function requires a
    units
     value, which indicates whether the integer represents seconds, milliseconds, or microseconds since the Unix epoch. Supported values are:
    • SECONDS
    • MILLIS
    • MICROS
    For example: 
    dataset = xdr_data 
| filter story_publish_timestamp != null 
| alter ts = to_timestamp(story_publish_timestamp, "MILLIS") 
| fields ts

    Recommended For You

    Recommended Videos

    Recommended videos not found.

    © 2021 Palo Alto Networks, Inc. All rights reserved.

    Techdocs Logo