Versions Compared

Old Version 1

changes.mady.by.user Casey Stella

Saved on

compared with

New Version Current

changes.mady.by.user Neha Sinha

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Referencing fields in the enriched JSON
  • Simple boolean operations: andnotor
  • Simple comparison operations <><=>=
  • Determining whether a field exists (via exists)
  • The ability to have parenthesis to make order of operations explicit
  • A fixed set of functions which take strings and return boolean. Currently:
    • IN_SUBNET(ip, cidr1, cidr2, ...)
    • IS_EMPTY(str)
    • STARTS_WITH(str, prefix)
    • ENDS_WITH(str, suffix)
    • REGEXP_MATCH(str, pattern)
    • IS_IP : Validates that the input fields are an IP address. By default, if no second arg is set, it assumes IPV4, but you can specify the type by passing in either IPV6 or IPV4 to the second argument.
    • IS_DOMAIN
    • IS_EMAIL
    • IS_URL
    • IS_DATE
    • IS_INTEGER
  • A fixed set of transformation functions:
    • TO_LOWER(string) : Transforms the first argument to a lowercase string
    • TO_UPPER(string) : Transforms the first argument to an uppercase string
    • TO_STRING(string) : Transforms the first argument to a string
    • TO_INTEGER(x) : Transforms the first argument to an integer
    • TO_DOUBLE(x) : Transforms the first argument to a double
    • TRIM(string) : Trims whitespace from both sides of a string.
    • JOIN(list, delim) : Joins the components of the list with the specified delimiter
    • SPLIT(string, delim) : Splits the string by the delimiter. Returns a list.
    • GET_FIRST(list) : Returns the first element of the list
    • GET_LAST(list) : Returns the last element of the list
    • GET(list, i) : Returns the i'th element of the list (i is 0-based).
    • MAP_GET(key, map, default) : Returns the value associated with the key in the map. If the key does not exist, the default will be returned. If the default is unspecified, then null will be returned.
    • DOMAIN_TO_TLD(domain) : Returns the TLD of the domain.
    • DOMAIN_REMOVE_TLD(domain) : Remove the TLD of the domain.
    • DOMAIN_REMOVE_SUBDOMAINS(domain) : Remove the sub domain of the domain.
    • REMOVE_TLD(domain) : Removes the TLD from the domain.
    • URL_TO_HOST(url) : Returns the host from a URL
    • URL_TO_PROTOCOL(url) : Returns the protocol from a URL
    • URL_TO_PORT(url) : Returns the port from a URL
    • URL_TO_PATH(url) : Returns the path from a URL
    • TO_EPOCH_TIMESTAMP(dateTime, format, timezone) : Returns the epoch timestamp of the dateTime given theformat. If the format does not have a timestamp and you wish to assume a given timestamp, you may specify thetimezone optionally.

...