Security Query Functions
LogScale's security functions work with redacted events or data obfuscation to solve specialized tasks related to security and cybersecurity.
Table: Security Query Functions
| Function | Default Argument | Availability | Description |
|---|---|---|---|
hashMatch([bits], [field], [hash], input, [salt]) | input | Calculates a secure hash of a field and uses it to match events as a filter. | |
hashRewrite([as], [bits], field, [hash], [replaceInRawstring], salt) | field | Calculates a secure hash of a field for storing in the event. | |
ioc:lookup([confidenceThreshold], field, [include], [prefix], [strict], type) | field | Look up IOCs (Indicators of Compromise). |