Add a Field Based on Values of Another Field - Example 2 | LogScale Query Examples | LogScale Documentation

Skip to content

LogScale Documentation Library Guidance Release Notes Integrations Query Examples Training API GraphQL Search Archives Contact Support

Add a Field Based on Values of Another Field - Example 2

Derive new fields from existing values (success indicators) using nested if() functions

Query

logscale

| success := if(status >= 500, then=0, else=if(status == 404, then=0, else=1))

Introduction

Another example of nested if() functions: this is used to add a field success whose value is calculated based on field status.

Step-by-Step

Starting with the source repository events.
logscale
```
| success := if(status >= 500, then=0, else=if(status == 404, then=0, else=1))
```
Adds a success field at the following conditions:
- Sets the value of field success to 0 if status is greater or equal to 500 or if it's equal to 400, otherwise:
- Sets the value of field success to 1.
Event Result set.

Summary and Results

Nested if() functions for tagging a field according to different status values.

Enter search term