See additional PantherFlow query examples on .
panther_audit query examples
Query the panther_logs.public.panther_audit table:
Return up to 10 results:
Sort by p_event_time:
Filter on the last 24 hours:
Filter on timestamp:
Filter on a nested field (using dot notation):
Filter on a nested field (using bracket notation):
Check that a deeply nested value within an array exists (i.e., is not null):
Count events:
Count number of actions:
Only show rare actions: