/
About the lhub_ts column
Document toolboxDocument toolbox

About the lhub_ts column

Owned by Jonas Gonzalez
Nov 29, 2024
1 min read

lhub_ts is a special column that is inserted to the events ingested from Event Types. lhub_ts stands for Devo SOAR Timestamp. It denotes the times at which the events happened.

When the events are ingested from Splunk or Sumo Logic, the lhub_ts values are set to milliseconds from the epoch. If you use a file-based connection, you have the ability to set that value in your file data. The value should also be in millisecond to ensure correct behavior in your flows.

In the UI, when it is detected that the value in lhub_ts is not in milliseconds, a warning will be shown in the node table.

Related content

Devo Last Event Date
Devo Last Event Date
Devo latest
More like this
Devo Last Event Date
Devo Last Event Date
Devo v7.10.0
More like this
Time control
Time control
7.13
More like this
Time control
Time control
Devo latest
More like this
addExecutionMetadata
addExecutionMetadata
Devo latest
More like this
IBM Cloud Flow Logs for VPC collector
IBM Cloud Flow Logs for VPC collector
Devo latest
More like this