arraycreate - Reference Guide - Cortex XDR - Cortex - Security Operations

Cortex XDR XQL Language Reference

Product: Cortex XDR
Creation date: 2024-02-26
Last date published: 2024-04-16
Category: Reference Guide

Abstract

Learn more about the Cortex Query Language arraycreate() function that returns an array based on the given parameters defined for the array elements.

Syntax

arraycreate ("<array element1>", "<array element2>",...)

Description

The arraycreate() function returns an array based on the given parameters defined for the array elements.

Example

Returns a final array to a field called x that is comprised of the elements [1,2].

dataset = xdr_data
| alter x = arraycreate("1", "2")
| fields x