
Gets the field names of a table. In ThreatGPS, this operator returns the field names of an input table so that the type of log can be identified and the correct playbook can be run. This operator can also be used to train a model for log prediction.

...

Example

Input
table = github_logs

| sourceIP | sourcePort | destIP  | destPort |
|----------|------------|---------|----------|
| 1.1.1.1  | 1245       | 4.3.3.3 | 7854     |
| 3.3.3.3  | 4587       | 2.3.4.5 | 1247     |

LQL command

getFieldnames(github_logs)

Output

| Tablename   | Fieldnames                             |
|-------------|----------------------------------------|
| github_logs | sourceIP, sourcePort, destIP, destPort |
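
The following is an added example, not ThreatGPS or LQL code: a Python sketch of how the Fieldnames value returned above could be matched against known log schemas to pick a playbook. The signature sets, playbook names, the 0.6 threshold and the use of Jaccard similarity are all assumptions made for illustration.

```python
# Added example: classify a table from the Fieldnames cell of getFieldnames output.
# SIGNATURES and PLAYBOOKS are hypothetical, not taken from ThreatGPS.
SIGNATURES = {
    "network_flow": {"sourceip", "sourceport", "destip", "destport"},
    "auth": {"user", "sourceip", "action", "result"},
    "dns": {"sourceip", "queryname", "querytype", "responsecode"},
}
PLAYBOOKS = {
    "network_flow": "playbook_network_flow",
    "auth": "playbook_auth",
    "dns": "playbook_dns",
}


def parse_fieldnames(cell):
    """Split the comma-separated Fieldnames cell into a lower-cased set."""
    return {name.strip().lower() for name in cell.split(",") if name.strip()}


def jaccard(a, b):
    """Overlap of two field-name sets: |a & b| / |a | b|."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0


def identify_log_type(cell, threshold=0.6):
    """Return (log_type, score). log_type is None when the best score is below
    the threshold or two signatures tie, so an unrecognized or ambiguous
    table never triggers a playbook."""
    fields = parse_fieldnames(cell)
    scored = sorted(
        ((jaccard(fields, sig), name) for name, sig in SIGNATURES.items()),
        reverse=True,
    )
    best_score, best = scored[0]
    tie = len(scored) > 1 and scored[1][0] == best_score
    if best_score < threshold or tie:
        return None, best_score
    return best, best_score


def select_playbook(cell):
    """Map a Fieldnames cell to a playbook name, or None if unidentified."""
    log_type, _ = identify_log_type(cell)
    return PLAYBOOKS.get(log_type)
```

Returning None for low-scoring or tied matches keeps a table with unfamiliar columns from being routed to the wrong playbook.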