Structuring commands
expand
Expands an array into separate records. This command takes an array, and for each incoming record, produces as many new records as there are elements in the array of the expression. The number of elements is limited by the limit parameter or the length of the array. If the array is empty, no records are produced. Elements are taken from the beginning of the array till the end of the array or the limit.
-
Syntax
expand [alias =] expression [, limit] -
Example
In the following example, the
expandcommand creates new records for each element in provided arrays with the last array limited to2elements.1data2record(a = array(1,3)),3record(a = array(4,5,6))4| expand name = a, limit:2Query result
a name 1, 311, 334, 5, 644, 5, 65
fieldsFlatten
The fieldsFlatten command can be used to extract/flatten fields from a nested record.
-
Syntax
fieldsFlatten expression [, prefix] [, fields: { [field, …] }] -
Parameters
Name Type Mandatory Default Constraints Description expression
string
yes
An identifier returning the record from which to flatten the fields.
prefix
string
no
The provided field name and a dot.
It can't be used together with the fields parameter.
Prefix that is applied to all fields that are going to be flattened out.
fields
map of field identifiers and an optional alias
no
It can't be used together with the prefix parameter.
Fields from the record that are going to be flattened out.
-
Example
1data2record(a=6, b=record(c1="test 1", d1=1)),3record(a=2, b=record(c1="test 2", d1=2)),4record(a=1, b=record(c1="test 3", d1=3))5| fieldsFlatten b, prefix:"pre_"Query result
a b pre_c1 pre_d1 6c1: test 1, d1: 1test 112c1: test 2, d1: 2test 221c1: test 3, d1: 3test 33