This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 14th: Gemini's generative AI within Google SecOps
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Issue with avg function returning floor values in YARA-L

Posted on 03-31-2025 01:56 AM
prashant_nakum
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

Hi everyone,

I am working on SecOps Native Dashboards and encountered an issue while using the avg function in YARA-L.

Below is my query:

metadata.vendor_name="ABC"
$uid=about.labels["uid"]
match:
	$uid
outcome:
	$duration=avg(duration.seconds)

The result values are automatically rounded down to the floor value, but I want the values to retain floating-point precision.

I tried using the window.avg function and also applied the round function, as shown below:

metadata.vendor_name="ABC"
$uid=about.labels["uid"]
match:
	$uid
outcome:
	$duration=math.round(avg(duration.seconds), 3)

However, the results still return the floor value.

Why is this happening? Is there any alternative or solution to achieve the desired results?

Thanks,
Prashant Nakum

0 7 140
Topic Labels
0 Likes
7 REPLIES 7
Top Solution Authors
View all