Skip to main content
Help Center Logpoint Docs Idea Portal Logpoint.com

Hi 

I can see that the process eval command supports the use of if-else statements, but I can’t find any examples of the syntax. 

My issue is that I have logs which contain a source_address field, and host_address, and then I have some other logs which only contains host_address logs, and I would like to translate the IP to country from source_address if the field exists and else take it from host_address. So I tried to say if, source_address is null, then set source_address to host_address, else nothing. 
|process eval(if(source_address=null, source_address=host_address,)

There might be a fundamentally different way of doing this (i.e. without eval), but in case you hadn’t spotted it, the eval process plugin actually has its own manual under “Plugins” on the docs portal, and there are examples for the conditional statements here: https://docs.logpoint.com/docs/evaluation-process-plugin/en/latest/Conditional%20and%20Comparison%20functions.html#if-statement . Perhaps that helps?

There might be a fundamentally different way of doing this (i.e. without eval), but in case you hadn’t spotted it, the eval process plugin actually has its own manual under “Plugins” on the docs portal, and there are examples for the conditional statements here: https://docs.logpoint.com/docs/evaluation-process-plugin/en/latest/Conditional%20and%20Comparison%20functions.html#if-statement . Perhaps that helps?

Perfect thanks! Didn’t catch that one. 

Managed to do it with the following command
| process eval(“source_address=if(isnull(source_address)) {return host_address} else {return source_address}”)

Reply


Terms & ConditionsCookie settings