Split

Learn about the Split OTTL converter function.

less than a minute

The Split converter splits a string into an array based on a specified delimiter.

Syntax: Split(value, separator)

value: the bracket notation location of the string to split
separator: the delimiter string to use for splitting

Input

{
	"_type": "log",
	"timestamp": 1734585789794,
	"body": "host=172.17.15.39,user-identifier=68b148de-7ce3-423c-b72d-64a4f21ecfc0,time_local=2024-12-15T22:40:53.723160Z,method=POST,request=/styles/main.css,protocol=HTTP/2,status=403,bytes_sent=1043",
	"resource": {...},
	"attributes": {
		"decoded_body": "host=172.17.15.39,user-identifier=68b148de-7ce3-423c-b72d-64a4f21ecfc0,time_local=2024-12-15T22:40:53.723160Z,method=POST,request=/styles/main.css,protocol=HTTP/2,status=403,bytes_sent=1043"
	}
}

Statement

set(attributes["split"], Split(attributes["decoded_body"], ","))

Output

{
	"_type": "log",
	"timestamp": 1734585827627,
	"body": "host=172.17.15.39,user-identifier=68b148de-7ce3-423c-b72d-64a4f21ecfc0,time_local=2024-12-15T22:40:53.723160Z,method=POST,request=/styles/main.css,protocol=HTTP/2,status=403,bytes_sent=1043",
	"resource": {...},
	"attributes": {
		"decoded_body": "host=172.17.15.39,user-identifier=68b148de-7ce3-423c-b72d-64a4f21ecfc0,time_local=2024-12-15T22:40:53.723160Z,method=POST,request=/styles/main.css,protocol=HTTP/2,status=403,bytes_sent=1043",
		"split": [
			"host=172.17.15.39",
			"user-identifier=68b148de-7ce3-423c-b72d-64a4f21ecfc0",
			"time_local=2024-12-15T22:40:53.723160Z",
			"method=POST",
			"request=/styles/main.css",
			"protocol=HTTP/2",
			"status=403",
			"bytes_sent=1043"
		]
	}
}

The string decoded_body was split into an array split.

Split

Edge Delta AI Assistant

Quick Topics

Recent Questions

Hi! I'm your Edge Delta AI Assistant

Current Context