Abstract
Learn more about the Cortex Query Language current_time() function that returns the current time as a timestamp.
Syntax
current_time()
Description
The current_time() function returns a timestamp value representing the current time in the format MMM dd YYYY HH:mm:ss, such as Jul 12th 2023 20:51:34.
Example
From the xdr_data dataset, returns the events of the last 24 hours whose actor process started running more than 30 days ago.
dataset = xdr_data | filter timestamp_diff(current_time(),to_timestamp(actor_process_execution_time, "MILLIS"), "DAY") > 30