Abstract
Learn more about the Cortex Query Language to_string function that converts a number value to a string.
Syntax
to_string (<field>)Description
The to_string() function converts a number value of a given field to a string.
Examples
Display the first non-NULL action_boot_time field value. In a second column called abt_string, use the concat function to prepend "str: " to the value, and then display it.
dataset = xdr_data
| fields action_boot_time as abt
| filter abt != null
| alter abt_string = concat("str: ", to_string(abt))
| limit 1