tencent cloud

PrevNext

Feedback

search by keyword

Recent Pages

Documentation
Cloud Log Service
    Documentation
    Download PDF

    Enrichment Functions

    Last updated: 2024-01-20 17:44:35
    Download PDF

      Function enrich_table

      Function definition

      This function uses CSV structure data to match fields in logs and, when matched fields are found, the function adds other fields and values in the CSV data to the source logs.

      Syntax description

      enrich_table(CSV data string, CSV column name string, output=Target field name or list, mode="overwrite")

      Parameter description

      Parameter
      Description
      Parameter Type
      Required
      Default Value
      Value Range
      data
      Input CSV data, where the first row is column names and the rest rows are corresponding values. Example: region,count\\nbj, 200\\ngz, 300
      string
      Yes
      -
      -
      fields
      Column name to match. If the field name in the CSV data is the same as the field with the same name in the log, the matching is successful. The value can be a single field name or multiple new field names concatenated with commas.
      string
      Yes
      -
      -
      output
      Output field list. The value can be a single field name or multiple new field names concatenated with commas.
      string
      Yes
      -
      -
      mode
      Write mode of the new field. Default value: overwrite
      string
      No
      overwrite
      -

      Example

      Raw log:
      {"region": "gz"}
      Processing rule:
      enrich_table("region,count\\nbj,200\\ngz,300", "region", output="count")
      Processing result:
      {"count":"300","region":"gz"}

      Function enrich_dict

      Function definition

      This function uses dict structure data to match a field value in a log. If the specified field and value match a key in the dict structure data, the function assigns the value of the key to another field in the log.

      Syntax description

      enrich_dict(Dict data string, Source field name, output=Target field, mode="overwrite")

      Parameter description

      Parameter
      Description
      Parameter Type
      Required
      Default Value
      Value Range
      data
      Input dict data, which must be the escaped string of a JSON object. Example: enrich_dict("{"200":"SUCCESS","500":"FAILED"}", "status", output="message")
      string
      Yes
      -
      -
      fields
      Field name to match. If the value of the key in the dict data is the same as the value of the specified field, the matching is successful. The value can be a single field name or multiple new field names concatenated with commas.
      string
      Yes
      -
      -
      output
      Target field list. After successful matching, the function writes the corresponding values in the dict data to the target field list. The value can be a single field name or multiple new field names concatenated with commas.
      string
      Yes
      -
      -
      mode
      Write mode of the new field.
      string
      No
      overwrite
      -

      Example

      Raw log:
      {"status": "500"}
      Processing rule:
      enrich_dict("{\\"200\\":\\"SUCCESS\\",\\"500\\":\\"FAILED\\"}", "status", output="message")
      Processing result:
      {"message":"FAILED","status":"500"}
      
      Contact Us

      Contact our sales team or business advisors to help your business.

      Contact Us
      Technical Support

      Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

      Submit a Ticket
      7x24 Phone Support
      Copyright © 2013-2024 Tencent Cloud. All Rights Reserved.
      Privacy PolicyLegalCookie Policy