Abstract
Learn more about the Cortex Query Language to_integer()
function that converts a string field to an integer.
Syntax
to_integer(<string>)
Description
The to_integer()
function converts a string value that represents a number of a given field to an integer.
It is an error to provide a string to this function that contains a floating point number.
Examples
Display the first 10 IP addresses that begin with a value greater than 192. Use the split function to split the IP address by '.', and then use the arrayindex function to retrieve the first value in the resulting array. Convert this to a number and perform an arithmetic compare to arrive at a result set.
dataset = xdr_data | fields action_local_ip as alii | filter to_integer(arrayindex(split(alii, "."),0)) > 192 | limit 10