array_length
This page explains how to use the array_length function in APL.
The
Run in Playground
Output
This query finds spans associated with at least three events.
array_length function in APL (Axiom Processing Language) returns the length of an array. You can use this function to analyze and filter data by array size, such as identifying log entries with specific numbers of entries or events with multiple tags. This function is useful for analyzing structured data fields that contain arrays, such as lists of error codes, tags, or IP addresses.
For users of other query languages
If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.Splunk SPL users
Splunk SPL users
In Splunk SPL, you might use the
mvcount function to determine the length of a multivalue field. In APL, array_length serves the same purpose by returning the size of an array within a column.ANSI SQL users
ANSI SQL users
In ANSI SQL, you would use functions such as
CARDINALITY or ARRAY_LENGTH (in databases that support arrays) to get the length of an array. In APL, the array_length function is straightforward and works directly with array fields in any dataset.Usage
Syntax
Parameters
- array_expression: An expression representing the array to measure.
Returns
The function returns an integer representing the number of elements in the specified array.Use case example
In OpenTelemetry traces,array_length can reveal the number of events associated with a span.
Query
| _time | trace_id | span_id | service.name | event_count |
|---|---|---|---|---|
| 2024-10-28T12:30:00 | trace_abc123 | span_001 | frontend | 3 |
List of related functions
- array_slice: Extracts a subset of elements from an array.
- array_concat: Combines multiple arrays.
- array_shift_left: Shifts array elements one position to the left, moving the first element to the last position.