Drops entries from the input array using the given filtering function.
The order is maintained in the output array. The name of the output array cannot be the same as the input array.
| Parameter | Type | Required | Default | Description |
|---|---|---|---|---|
array | string | true | The prefix of the array in LogScale, for example for events with fields incidents[0], incidents[1], ... this would be incidents. [a] | |
asArray | string | false | A string in the format of a valid array followed by []. A valid array can either be an identifier, a valid array followed by . and an identifier, or a valid array followed by an array index surrounded by square brackets. E.g., for events with fields incidents[0], incidents[1], ... this would be incidents[] . (introduced in 1.78) | |
function | Non-aggregate function | true | The function to use for filtering events in the array. | |
var | string | true | The function argument name | |
array:filter() Examples
Given an array of three elements, retrieve those where the address starts with "ba":
logscale
mailto[0]=foo@example.com
mailto[1]=bar@example.com
mailto[2]=baz@example.comQuery function:
logscale
array:filter(array="mailto[]", var="addr", function={addr=ba*@example.com}, asArray="out[]")Expected output:
logscale
out[0]=bar@example.com
out[1]=baz@example.com