Grafana macros

IBM® Security QRadar® AQL Plugin supports two time picker macros.

Macro AQL
$__timeFilter()
START / STOP based on time picker selected to and from values.
START '2024-06-03%2008:25:41.311' STOP '2024-06-03 14:25:41.311
$__timeFrom()
START based on time picker selected from value.
START '2024-06-12 08:38:16.262'

See the following examples:

SELECT starttime FROM events $__timeFilter(starttime)
SELECT COUNT(sourceip) FROM events $__timeFrom(starttime) 
Important: The Ariel flows database return results from the last 5 minutes by default. Query results for a specific time interval can be returned using the time filter macro and the Grafana time picker. See the following example.
SELECT SUBSTRING(sourceip, 3, 5) AS substring FROM flows LIMIT 5 $__timeFilter(starttime)