String Functions
PantherFlow string functions
strings.cat()
strings.cat()strings.cat(str: string, str: string, ... ) -> string
Concatenates strings.
Example:
panther_logs.public.aws_alb
| project clientAddr=strings.cat(clientIp, ':', clientPort)strings.contains()
strings.contains()strings.contains(str: any, substr: string) -> bool
Returns true if str contains substr. If str is not a string, it is stringified first.
Example:
panther_logs.public.aws_alb
| project usingMozilla=strings.contains(userAgent, "Mozilla")strings.ends_with()
strings.ends_with()strings.ends_with(str: string, postfix: string) -> bool
Returns true if str ends with postfix.
Example:
strings.ilike()
strings.ilike()strings.ilike(str: any, substr: string) -> bool
Returns true if str contains substr with SQL LIKE semantics ignoring case.
Example:
strings.join()
strings.join()strings.join(elements: [string], sep: string) -> string
Returns elements joined together with sep between each element.
Example:
strings.len()
strings.len()strings.len(str: any) -> int
Returns the length of str. If str is not a string, it is stringified first.
Example:
strings.like()
strings.like()strings.like(str: any, substr: string) -> bool
Returns true if str contains substr with SQL LIKE semantics.
Example:
strings.lower()
strings.lower()strings.lower(str: string) -> string
Returns str converted to lower case.
Example:
strings.split()
strings.split()strings.split(str: any, sep: string) -> [string]
Returns a list of substrings of str separated by sep.
Example:
strings.starts_with()
strings.starts_with()strings.starts_with(str: string, prefix: string) -> bool
Returns true if str starts with prefix.
Example:
strings.upper()
strings.upper()strings.upper(str: string) -> string
Returns str converted to upper case.
Example:
Last updated
Was this helpful?