Looking for help with Filters and Eval Functions
There's something about filters in an eval function (and probably other functions as well) that I either don't understand or that don't work as advertised. I have some events, all of them already have a field state. In some of these events, the value is a straight number. In some events, the field value contains an epoch time and a value, delimited by a pipe, e.g. 1696254765000|5.333333333333333. To get that value, I though I'd just use an eval and filter on events that have a pipe, like seen in the screenshot. However, that seems to remove the field for all events that do not match the filter (events that have just a number in state). I created a state_copy field to illustrate this: the top event only has state_copy, it does not have a pipe in the field value, and the second event has both state and state_copy.
I would have expected the filter on the eval function to leave the top event untouched.
I know I can solve it e.g. with a regex extraction instead of split() in eval, so I'm not looking for a different way to do it. Just trying to understand if I misunderstood something and if there's an explanation why the eval touches fields in events it's not supposed to be working on in the first place.
Best Answer
-
Can you try:
state.match(/|/)or
/|/.test(state)or
state.includes('|')1
Answers
-
Can you try:
state.match(/|/)or
/|/.test(state)or
state.includes('|')1 -
They all work. So it's something about match using a string that I was not aware of, and filters do work as I thought they would. Thanks!
0