This function takes the name of an array and drops all fields of this array.

ParameterTypeRequiredDefault ValueDescription
array[a]stringrequired  Name of the array to drop values for. Must follow valid Array Syntax for array of scalars. For example, for events with fields incidents[0], incidents[1], ... this would be incidents[].

[a] The argument name array can be omitted.

Hide omitted argument names for this function

Show omitted argument names for this function

array:drop() requires that the input array has continuous, sequential indexes with no gaps (empty indexes) and that the array starts at index [0] e.g. incidents[0], incidents[1], incidents[2]. If there are gaps e.g., incidents[0], incidents[1], incidents[2], incidents[10] only the fields from index 0 up to the first empty index will be dropped.

If no array with the given name exists, the function does nothing.

Without this function, each element of an array would need to be dropped individually using drop() or array:filter() as shown below:

logscale
array:filter(array="a[]", function={false}, var="")

With the function, specify the name of the array field to drop:

logscale
array:drop("a[]")

Validation:

The array parameter is validated to ensure the field is an array value.

array:drop() Examples

Drop Fields From Input Array

Query
logscale
array:drop("a[]")
Introduction

The array:drop() function is used to drop all fields from an input array provided that the array has continuous, sequential indexes with no empty indexes and that it starts at [0]. In this example, the array:drop() function is used to drop all fields of the array a[].

Example incoming data might look like this:

Raw Events
a[0]=Dog
a[1]=Cat
a[42]=Horse
a[0]=Dog
b[0]=Cat
c[0]=Horse
animal=cow

Step-by-Step
  1. Starting with the source repository events.

  2. logscale
    array:drop("a[]")

    Takes the name of the array a[] and drops all fields of this array. Array b[] and array c[] will not be dropped in this example. Be aware that if there are empty entries in the array, only the fields from index 0 up to the first empty index will be dropped.

  3. Event Result set.

Summary and Results

The query is used to drop all fields from a specific input array.

Sample output from the incoming example data:

b[0]c[0]animal
CatHorsecow