getFieldnames

Get field names from a table

Get field names from a table. For ThreatGPS this operator gets the field names of an input table so the type of log can be identified and the correct playbook can be run. This operator can also be used to train a model for log prediction.

Operator Usage in Easy Mode

  1. Click + on the parent node.
  2. Enter the Get Field Names operator in the search field and select the operator from the Results to open the operator form.
  3. In the Table drop-down, enter or select the table to which the operator is applied.
  4. Click Run to view the result.
  5. Click Save to add the operator to the playbook.
  6. Click Cancel to discard the operator form.

Usage Details

getFieldnames(input_table)

Input Parameters:

input_table: Name of the input table from which to get the column (field) names.

Output Table:
A 1-row table with columns Tablename and Fieldnames. Fieldnames is a comma-separated list of column names from input_table.

Example

Input
table = github_logs

sourceIP sourcePort destIP destPort
1.1.1.112454.3.3.37854
3.3.3.345872.3.4.51247
getFieldnames(github_logs)

Output

Tablename Fieldnames
github_logssourceIP, sourcePort, destIP, destPort

Did this page help you?