How to convert epoch values to human redable format in OUTCOME section

Question

Hi All,I am trying to solve event first seen and last seen using  MIN, MAX  functions,  but it returns an epoch value.How to convert this Epoch values ?Also is this right way to calculate firstseen and last seen for eventsThanks in Advance

bsalvatore · Accepted Answer

Hi,I think you can use the new YARA-L functions like https://cloud.google.com/chronicle/docs/detection/yara-l-2-0-syntax#timestampget_dateto convert unix seconds to a string with YYYY-MM-DD format.

Mufa_shah · Answer

Hi,I think you can use the new YARA-L functions like https://cloud.google.com/chronicle/docs/detection/yara-l-2-0-syntax#timestampget_dateto convert unix seconds to a string with YYYY-MM-DD format.thanks

Reply

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded