kvjoin()

The kvjoin() function joins key-value pairs from the current record using specified delimiters and returns the result as a single string.

Syntax

kvjoin(KV_DELIM, PAIR_DELIM[, REGEX])

Parameters

KV_DELIM
The delimiter string to insert between each key and its value.
PAIR_DELIM
The delimiter string to insert between key-value pairs.
REGEX
A regular expression that specifies which keys to include. If not specified, all key-value pairs in the record are included.

Description

The kvjoin() function iterates over each field in the current record, concatenating each entry in the form key + KV_DELIM + value, and inserts PAIR_DELIM between each pair to produce a single string.

If REGEX is specified, only key-value pairs whose key matches the regular expression are included.

If there are no keys to include in the result, an empty string ("") is returned.

Error codes

N/A

Usage examples

To prepare the WEB_APACHE_SAMPLE table used in these examples, refer to Preparing sample data.

  1. Join all key-value pairs from the record

    table limit=1 WEB_APACHE_SAMPLE | eval result = kvjoin("=", "&")
| # result: a string in the form "method=GET&uri=/feed&status=200&..."

  2. Select specific keys using a regular expression

    table limit=5 WEB_APACHE_SAMPLE | eval result = kvjoin("=", "&", "status|bytes") | fields status, bytes, result
| # result: "status=200&bytes=2780", etc.

  3. No matching keys

    json "{'name': 'Kim'}"
| eval result = kvjoin(":", ",", "src_.*")
| # result: ""

Compatibility

The kvjoin() function is available since before Sonar 4.0.