Gets the field names of a table. In ThreatGPS, this operator returns the field names of an input table so that the type of log can be identified and the correct playbook can be run. The operator can also be used to train a model for log prediction.
...
Example
Input
table = github_logs
sourceIP | sourcePort | destIP | destPort |
---|---|---|---|
1.1.1.1 | 1245 | 4.3.3.3 | 7854 |
3.3.3.3 | 4587 | 2.3.4.5 | 1247 |
LQL command
```
getFieldnames(github_logs)
```
Output
Tablename | Fieldnames |
---|---|
github_logs | sourceIP, sourcePort, destIP, destPort |
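
The log-type identification step described at the top of this page, sketched in Python as an added example (not ThreatGPS or LQL code). The signature sets, playbook names, the 0.6 threshold and all function names are assumptions; the sample rows are the ones from the input table above.

```python
# Added illustration; signatures, playbook names and threshold are assumptions.
SIGNATURES = {
    "network_flow": {"sourceip", "sourceport", "destip", "destport"},
    "auth": {"user", "sourceip", "action", "result"},
    "dns": {"sourceip", "query", "querytype", "responsecode"},
}
PLAYBOOKS = {"network_flow": "flow_triage", "auth": "auth_triage", "dns": "dns_triage"}

# Sample rows copied from the page's input table.
GITHUB_LOGS = [
    {"sourceIP": "1.1.1.1", "sourcePort": 1245, "destIP": "4.3.3.3", "destPort": 7854},
    {"sourceIP": "3.3.3.3", "sourcePort": 4587, "destIP": "2.3.4.5", "destPort": 1247},
]


def get_fieldnames(table):
    """Column names across all rows, in first-seen order (same result as the Output table)."""
    names = []
    for row in table:
        for key in row:
            if key not in names:
                names.append(key)
    return names


def identify_log_type(fieldnames, min_score=0.6):
    """Pick the signature with the highest Jaccard similarity to the field-name set.

    Returns ("unknown", score) when the best match is weak or tied, so that a
    table with an unfamiliar or ambiguous schema is never classified by guesswork.
    """
    fields = {f.strip().lower() for f in fieldnames}
    scored = sorted(
        ((len(fields & sig) / len(fields | sig), name) for name, sig in SIGNATURES.items()),
        reverse=True,
    )
    best_score, best = scored[0]
    tied = len(scored) > 1 and scored[1][0] == best_score
    if best_score < min_score or tied:
        return "unknown", best_score
    return best, best_score


def select_playbook(table):
    """Playbook name for the table, or None when no playbook should run automatically."""
    log_type, _ = identify_log_type(get_fieldnames(table))
    return PLAYBOOKS.get(log_type)
```

Returning `None` for an unrecognised schema keeps an unexpected table out of every playbook instead of defaulting to one, which matters when field names come from an external log source.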