Abstract
Learn more about the Cortex Query Language to_string
function that converts a number value to a string.
Syntax
to_string (<field>)
Description
The to_string()
function converts a number value of a given field to a string.
Examples
Display the first non-NULL action_boot_time
field value. In a second column called abt_string
, use the concat function to prepend "str: " to the value, and then display it.
dataset = xdr_data | fields action_boot_time as abt | filter abt != null | alter abt_string = concat("str: ", to_string(abt)) | limit 1