Skip to main content
Panther Knowledge Base

How do I change a Custom Schema field type in Panther?

  1. Last updated
  2. Save as PDF

QUESTION

How do I change the inferred type of a custom schema field in Panther? What should I do when I have a mis-typed schema field?

ANSWER

Since Panther v1.62, users can to add, remove, and change the data type of schema fields.

Previously, these actions were unavailable due to backwards compatibility. To correct a mistyped schema field in an earlier Panther version, create a new schema with the fields correctly typed. Adjust any affected log sources to start using the new schema. Any newly ingested logs will now be correctly typed, but previously ingested logs will maintain the old types.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.