Appends single or multiple values to an array, or creates a new array if it does not already exist.
| Parameter | Type | Required | Default Value | Description |
|---|---|---|---|---|
array[a] | string | required | Name of the array to append values to. Must follow valid Array Syntax for array of scalars. For example, for events with fields incidents[0], incidents[1], ... this would be incidents[]. | |
values | array of expressions | required | The list of expressions to be appended. | |
The syntax for array:append() looks like
this:
array:append(array="foo[]", values=[exp_1, … exp_n])
where array:append() is used to either
append the values of exp_1 to
exp_n at the end of the
foo[] array, or create a new
array of these values if the array
foo[] is not present in the
event. If one of the expressions does not evaluate to a value,
then that expression is skipped.
array:append() requires that the input
array has continuous, sequential indexes with no gaps. If there
are gaps (that is, missing indexes), the function will start
inserting new values at the first missing index, potentially
overwriting existing elements. For example, having a missing
index like in:
|-----------------|
|array[0] | foo |
|array[1] | bar |
|array[3] | baz |
|-----------------|the query:
array:append("array[]", values=["x", "y", "z"])will produce the following output:
| field | value |
|---|---|
| array[0] | foo |
| array[1] | bar |
| array[2] | x |
| array[3] | y |
| array[4] | z |
Showing that array[3] has been overwritten.
array:append() Examples
Click next to an example below to get the full details.
Create New Array by Appending Expressions
Create a new flat array by appending new expressions using the array:append() function
Split Comma-Separated Strings in Array Into New Array
Split comma-separated strings in array into new flat array and extend with new values using the array:append() function