IBM Support

Cloud Pak for Security: STIX query fails using timeframe

Troubleshooting


Problem

In IBM Cloud Pak for Security (CP4S), a STIX query submitted from the Visual builder fails when its timeframe is written without milliseconds.

Symptom

The ReaQta Connector fails with the error: "Invalid query, submitter query is invalid."

Cause

The Visual builder omits the milliseconds (.000) from the time range:
START t'2022-07-01T00:00:00Z' STOP t'2022-08-02T00:00:00Z'

Resolving The Problem

Instead of submitting the query in visual builder:
  1. Copy the query from the Data Explorer > Visual builder tab.
  2. Paste the copied query into the Advanced builder tab.
  3. Manually add the milliseconds to the time range:
    START t'2022-07-01T00:00:00.000Z' STOP t'2022-08-02T00:00:00.000Z'
    Note the .000Z ending on both the start and stop times.
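
Step 3 can be scripted before the query is pasted into the Advanced builder. The following is an added example, not IBM code: the function names and the sample pattern (including the documentation IP address) are constructed for illustration, and the script only rewrites START/STOP times that have no fractional seconds.

```python
import re

# START/STOP qualifier of a STIX pattern; the fractional part is optional.
_QUALIFIER = re.compile(
    r"\b(START|STOP)\s+t'(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2})(\.\d+)?Z'"
)


def timestamps_missing_ms(query):
    """Return (keyword, timestamp) pairs whose time has no fractional seconds."""
    return [
        (m.group(1), m.group(2) + "Z")
        for m in _QUALIFIER.finditer(query)
        if m.group(3) is None
    ]


def add_milliseconds(query):
    """Append .000 to START/STOP times that lack fractional seconds.

    Times that already carry a fraction are left unchanged, so the
    function is safe to run twice on the same query.
    """
    def fix(m):
        fraction = m.group(3) or ".000"
        return f"{m.group(1)} t'{m.group(2)}{fraction}Z'"

    return _QUALIFIER.sub(fix, query)


# Constructed sample: the comparison expression is hypothetical, the
# time range is the one shown in this document.
SAMPLE = (
    "[ipv4-addr:value = '198.51.100.7'] "
    "START t'2022-07-01T00:00:00Z' STOP t'2022-08-02T00:00:00Z'"
)

if __name__ == "__main__":
    print("Missing milliseconds:", timestamps_missing_ms(SAMPLE))
    print("Corrected query:", add_milliseconds(SAMPLE))
```
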

Document Location

Worldwide


Document Information

Modified date:
13 January 2023

UID

ibm16854421