![]() The lookup() function is available only to Splunk Enterprise users. Returns the output field or fields in the form of a JSON object. Returns TRUE if one of the values in the list matches a value that you specify. If the expression evaluates to TRUE, returns the, otherwise the function returns the. Takes one or more values and returns the first value that is not NULL. Returns TRUE when an IP address,, belongs to a particular CIDR subnet. Returns the first value for which the condition evaluates to TRUE. Logical right shift function that takes two non-negative integers as arguments and shifts the binary representation of the first integer over to the right by the specified shift amount.Īccepts alternating conditions and values. Logical left shift function that takes two non-negative integers as arguments and shifts the binary representation of the first integer over to the left by the specified shift amount. It also takes an optional second argument that acts as a bitmask.īitwise XOR function that takes two or more non-negative integers as arguments and sequentially performs bitwise XOR of each of the given arguments. Use the links in the table to learn more about each function and to see examples.īitwise AND function that takes two or more non-negative integers as arguments and sequentially performs logical bitwise AND on them.īitwise OR function that takes two or more non-negative integers as arguments and sequentially performs bitwise OR on them.īitwise NOT function that takes a non-negative as an argument and inverts every bit in the binary representation of that number. This table provides a brief description for each function. The following table is a quick reference of the supported evaluation functions, organized by category. ![]() There are two ways that you can see information about the supported evaluation functions: ![]() | eval error=case(status = 200, "OK", status = 404, "Not found", true(), "Other") The following example shows how to use the true() function to provide a default to the case function. In the following example, the cidrmatch function is used as the first argument in the if function. You can specify a function as an argument to another function. If you want to append the literal string server at the end of the name, you would use dot notation like this in your search: name."server". For example, you have a field called name that contains the names of your servers. In other words, when the function syntax specifies a string you can specify any expression that results in a string. Literal strings must be enclosed in double quotation marks.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |