rows_near plugin
Learn how to use the rows_near plugin to find rows near a specified condition.
Finds rows near a specified condition.
The plugin is invoked with the evaluate operator.
Syntax
T | evaluate rows_near(Condition, NumRows, [, RowsAfter ])
Parameters
| Name | Type | Required | Description |
|---|---|---|---|
| T | string | ✔️ | The input tabular expression. |
| Condition | bool | ✔️ | Represents the condition to find rows around. |
| NumRows | int | ✔️ | The number of rows to find before and after the condition. |
| RowsAfter | int | When specified, overrides the number of rows to find after the condition. |
Returns
Every row from the input that is within NumRows from a true Condition,
When RowsAfter is specified, returns every row from the input that is NumRows before or RowsAfter after a true Condition.
Example
Find rows with an "Error" State, and returns 2 rows before and after the "Error" record.
datatable (Timestamp:datetime, Value:long, State:string )
[
datetime(2021-06-01), 1, "Success",
datetime(2021-06-02), 4, "Success",
datetime(2021-06-03), 3, "Success",
datetime(2021-06-04), 11, "Success",
datetime(2021-06-05), 15, "Success",
datetime(2021-06-06), 2, "Success",
datetime(2021-06-07), 19, "Error",
datetime(2021-06-08), 12, "Success",
datetime(2021-06-09), 7, "Success",
datetime(2021-06-10), 9, "Success",
datetime(2021-06-11), 4, "Success",
datetime(2021-06-12), 1, "Success",
]
| sort by Timestamp asc
| evaluate rows_near(State == "Error", 2)
Output
| Timestamp | Value | State |
|---|---|---|
| 2021-06-05 00:00:00.0000000 | 15 | Success |
| 2021-06-06 00:00:00.0000000 | 2 | Success |
| 2021-06-07 00:00:00.0000000 | 19 | Error |
| 2021-06-08 00:00:00.0000000 | 12 | Success |
| 2021-06-09 00:00:00.0000000 | 7 | Success |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.