strcat_array
This page explains how to use the strcat_array function in APL.
The strcat_array function in Axiom Processing Language (APL) allows you to concatenate the elements of an array into a single string, with an optional delimiter separating each element. This function is useful when you need to transform a set of values into a readable or exportable format, such as combining multiple log entries, tracing IDs, or security alerts into a single output for further analysis or reporting.
For users of other query languages
If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.
Splunk SPL users
Splunk SPL users
In Splunk SPL, concatenation typically involves transforming fields into a string using the eval command with the + operator or mvjoin() for arrays. In APL, strcat_array simplifies array concatenation by natively supporting array input with a delimiter.
ANSI SQL users
ANSI SQL users
In ANSI SQL, concatenation involves functions like STRING_AGG() or manual string building using CONCAT(). APL’s strcat_array is similar to STRING_AGG(), but focuses on array input directly with a customizable delimiter.
Usage
Syntax
Parameters
| Parameter | Type | Description |
|---|---|---|
array | dynamic | The array of values to concatenate. |
delimiter | string | The string used to separate each element in the concatenated result. Optional. Defaults to an empty string if not specified. |
Returns
A single concatenated string with the array’s elements separated by the specified delimiter.
Use case example
You can use strcat_array to combine HTTP methods and URLs for a quick summary of unique request paths.
Query
Output
| paths |
|---|
| GET /index, POST /submit, GET /about |
This query summarizes unique HTTP method and URL combinations into a single, readable string.
List of related functions
- array_length: Returns the number of elements in an array.
- array_index_of: Finds the index of an element in an array.
- array_concat: Combines multiple arrays.
strcat_array
This page explains how to use the strcat_array function in APL.
The strcat_array function in Axiom Processing Language (APL) allows you to concatenate the elements of an array into a single string, with an optional delimiter separating each element. This function is useful when you need to transform a set of values into a readable or exportable format, such as combining multiple log entries, tracing IDs, or security alerts into a single output for further analysis or reporting.
For users of other query languages
If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.
Splunk SPL users
Splunk SPL users
In Splunk SPL, concatenation typically involves transforming fields into a string using the eval command with the + operator or mvjoin() for arrays. In APL, strcat_array simplifies array concatenation by natively supporting array input with a delimiter.
ANSI SQL users
ANSI SQL users
In ANSI SQL, concatenation involves functions like STRING_AGG() or manual string building using CONCAT(). APL’s strcat_array is similar to STRING_AGG(), but focuses on array input directly with a customizable delimiter.
Usage
Syntax
Parameters
| Parameter | Type | Description |
|---|---|---|
array | dynamic | The array of values to concatenate. |
delimiter | string | The string used to separate each element in the concatenated result. Optional. Defaults to an empty string if not specified. |
Returns
A single concatenated string with the array’s elements separated by the specified delimiter.
Use case example
You can use strcat_array to combine HTTP methods and URLs for a quick summary of unique request paths.
Query
Output
| paths |
|---|
| GET /index, POST /submit, GET /about |
This query summarizes unique HTTP method and URL combinations into a single, readable string.
List of related functions
- array_length: Returns the number of elements in an array.
- array_index_of: Finds the index of an element in an array.
- array_concat: Combines multiple arrays.