Hi,
it is possible to use multiple fields inside foreach on profiler ?
i’ve try using AND like below but it failed. pls help
{
"profiles": [
{
"profile": "hello-world",
"onlyif": "exists(ip_src_addr) AND exists(ip_dst_addr)",
"foreach": "ip_src_addr AND ip_dst_addr,
Hi,
The expression provided in foreach statement is not valid. It should resolve to
single object string.
Thanks,
Anil.
From: Youzha [mailto:yuza.ras...@gmail.com]
Sent: Wednesday, July 17, 2019 9:17 PM
To: user@metron.apache.org
Subject: [ask] create profile for profiler with multiple fields o
I suspect what you mean is a concatenation of the source and dest to get
the pairs as a foreach key, so you actually want something like: "foreach":
"ip_src_addr + '-' + ip_dst_addr"
Simon
On Wed, 17 Jul 2019 at 17:01, Anil Donthireddy
wrote:
> Hi,
>
>
>
> The expression provided in foreach sta
