+3is it possible today (or upcoming feature request) to add a static timestamp as the starting time of a YARA-L dashboard query and have it ending dynamically at current date/time?
use cases --
any data from year to date,
ingestion from start of contract period to present
etc.
Best answer by jstoner
If you are looking to do a relative time from the start of the year (for instance), you can just use Relative 1 Year in the time range. The relative time works from the start of the current time unit specified, so past month would be Jan 1 as well while past week would be Sunday 2026-01-11T00:00:00.034Z.
If you are looking for something more arbitrary like a contract start date that could occur anytime, you could go down a path like this where you still use the relative time but then in the filtering statement insert that arbitrary time like I did here. In this case the search is looking back 90 days but the earliest event that meets the filtering criteria is one second after the value i said starts my desired time range.
You may certainly open a feature request to add more capabilities to the time range that does absolute time to current, but in the meantime the above should work.
+23If you are looking to do a relative time from the start of the year (for instance), you can just use Relative 1 Year in the time range. The relative time works from the start of the current time unit specified, so past month would be Jan 1 as well while past week would be Sunday 2026-01-11T00:00:00.034Z.
If you are looking for something more arbitrary like a contract start date that could occur anytime, you could go down a path like this where you still use the relative time but then in the filtering statement insert that arbitrary time like I did here. In this case the search is looking back 90 days but the earliest event that meets the filtering criteria is one second after the value i said starts my desired time range.
You may certainly open a feature request to add more capabilities to the time range that does absolute time to current, but in the meantime the above should work.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
