Table name (tablename)
- Juan Tomás Alonso Nieto (Deactivated)
- Anthony Shevlin (Deactivated)
- Former user (Deleted)
Description
Creates a new column that extracts the table name from a specified query, given its programming language.
How does it work in the search window?
Select Create column in the search window toolbar, then select the Table name operation. You need to specify two arguments:
Argument | Data type | Description |
|---|---|---|
Language mandatory | string | The programming language used to specify the query (for example, LINQ). |
query mandatory | string | The full query you want to analyze. |
The data type of the values in the new column is string.
Example
We want to get a column that indicates the table name of the following query:
from siem.logtrust.web.activity group every 5m by userAgent, method every 5m
To do it, we will create a new column using the Table name operation. Let's call the new column tableName
The arguments needed to create the new column are:
Language - Click the pencil icon and enter LINQ
query - Click the pencil icon and enter from demo.ecommerce.data group every 5m by userAgent, method every 5m
Click Create column and you will see the following result:
How does it work in LINQ?
Use the operator select... as... and add the operation syntax to create the new column. This is the syntax for the Table name operation:
tablename(language_string, query_string)
Example
Copy the following LINQ script and try the above example on the siem.logtrust.web.activity table.
from siem.logtrust.web.activity
select tablename("LINQ", "from my.app.test.data group every 5m by clientIpAddress every 5m select count() as count") as tableName