Range Operator
Overview
Generate a sequence of incrementing rows with range.
You can use range to generate a table with an incrementing set of rows, which may be useful when building sequences of data.
The first value in the sequence is <start>, and following rows are generated by adding <size> to the previous row. The final value in the sequence is the last value that is less than or equal to <end>—in other words, the sequence is inclusive of <end>. <dest> is name of the field the resulting sequence is assigned to. The values of <start>, <end>, and <step> must be integers.
range is one of the possible PantherFlow data sources, and can only be used as a table source.
Examples
Generate a sequence
Generate a sequence from 0 to 5 (inclusive).
0
1
2
3
4
5
Generate a sequence with a larger step
Sequences stop at the last number that is less than or equal to <end>.
Output:
1
3
Generate a sequence of timestamps
range can be used to create time sequences.
2025-03-13 15:41:46.368000
2025-03-13 16:41:46.368000
2025-03-13 17:41:46.368000
Generate time buckets for time series analysis
range can be combined with other operators to perform time series analysis. The example below creates hourly buckets into which Panther audit logs are mapped:
Last updated
Was this helpful?
