How do I query on a nested field within arrays in Panther?

Last updated: September 3, 2024

QUESTION

How do I query on a nested field within arrays?

ANSWER

You can check all elements in your log event using the FLATTEN command. This Snowflake article provides an example of how to use the FLATTEN function to parse nested arrays.