-
|
I wanted to ask about this line from the docs:
This is a bit confusing--does "each group" consist of all the fields in a single group_by, or is each field listed in the group_by section an independent group? And if the latter interpretation is correct, how would I accomplish grouping by a combination of fields? Could I combine the desired fields into an array and group by that, or would I need to concatenate them into a string? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 3 replies
-
|
Hi @jblang ! The |
Beta Was this translation helpful? Give feedback.
-
|
OK, that's what I would have expected but then that line in the doc made me second guess. |
Beta Was this translation helpful? Give feedback.
-
|
I opened #13330 to update the docs. Does that read any clearer to you? I agree the original was a bit ambiguous. |
Beta Was this translation helpful? Give feedback.
-
|
Yes, that is clearer. I really appreciate how responsive you all are to feedback. Vector is a great project. |
Beta Was this translation helpful? Give feedback.
Hi @jblang !
The
group_byforms a "composite key" by which incoming events are grouped before thereduceis applied. So if you havegroup_by = ["host", "region"], all incoming lines withhost = X and region = Ywill be grouped together.