Crate dw_transform
source · [−]Modules
Macros
Functions
Chunks together events with the same key
Drops events matching the specified key and value(s). Opposite of filter_keyvals.
Drops events not matching the specified key and value(s)
Drops events not matching the regex on the value for a specified key Will only match if the value is a string
Removes events not intersecting with the provided filter_events
Finds the first bucket which starts with the specified string, and optionally matches a hostname.
Floods event to the nearest neighbouring event if within the specified pulsetime
Returns a merged event if two events have the same data and are within the pulsetime
Merge events with the same values at the specified keys
Takes a list of two events and returns a new list of events covering the union of the timeperiods contained in the eventlists with no overlapping events.
Sort a list of events by duration with the highest duration first
Sort a list of events by timestamp
Adds $protocol, $domain, $path and $params keys for events with an “url” key