Evaluate Arbitrary Field Values for CPU Time Within Repository

Evaluate and compare field values for CPU time within a repository

Query

logscale

test(cputime < 7500)

Introduction

The test() function is used to evaluate arbitrary expressions as boolean values in a query. Arbitrary expressions are used for various purposes, like performing calculations, making decisions, and defining conditions.

In this example, the test() function evaluates the arbitrary expression < as a boolean value (true/false) and filters events when the expression returns true.

Step-by-Step

Starting with the source repository events.
flowchart LR; %%{init: {"flowchart": {"defaultRenderer": "elk"}} }%% repo{{Events}} 0[(Filter Function)] result{{Result Set}} repo --> 0 0 --> result style 0 fill:#ffbf00; style 0 fill:#ff0000,stroke-width:4px,stroke:#000;
logscale
```
test(cputime < 7500)
```
Evaluates if the value of the field cputime is less than the value 7500 in a repository.
Event Result set.

Summary and Results

The query is used to evaluate arbitrary expressions as boolean values in a query. This is used to filter events where the expression returns true. The difference between using the test() function instead of the match() function is that test() returns a boolean value and match() returns a string. Searching for CPU times is useful when troubleshooting performance issues in a system.

Examples Library