Compare More Fields and Filter for Specific Events

Compare more fields and filter for events that are not twice as large using a negation statement

Query

logscale

test(field1 != 2 * field2)

Introduction

The test() function can be used to make comparisons between one field and one value, and it can also compare more fields and their respective values. Furthermore, it is possible to use a negation to filter for specific events.

In this example, the test() function is used to filter for events where the value of field1 is not exactly twice as large as the value in field2.

Step-by-Step

Starting with the source repository events.
flowchart LR; %%{init: {"flowchart": {"defaultRenderer": "elk"}} }%% repo{{Events}} 0[(Filter Function)] result{{Result Set}} repo --> 0 0 --> result style 0 fill:#ffbf00; style 0 fill:#ff0000,stroke-width:4px,stroke:#000;
logscale
```
test(field1 != 2 * field2)
```
Filters for events where the value of the field field1 is not exactly twice as large as the value in field field2.
Event Result set.

Summary and Results

The query is used to compare more fields and filter for specific events that are not of a certain size.

Examples Library