timestamp_seconds - Administrator Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR Documentation

Product
Cortex XDR
Creation date
2024-03-06
Last date published
2024-10-01
Category
Administrator Guide
Abstract

Learn more about the Cortex Query Language timestamp_seconds() function.

Syntax
timestamp_seconds (<integer>)
Description

The timestamp_seconds() function converts an epoch time Integer value in seconds to a TIMESTAMP compatible value.

Note

Endpoint Detection and Response (EDR) columns store epoch milliseconds values so this function is more useful for values that you insert.

Example

Display a human-readable timestamp for the action_file_access_time field.

alter access_timestamp = timestamp_seconds(1611882205) | limit 1