This page explains how to use the distinct operator function in APL.
distinct
operator in APL (Axiom Processing Language) returns a unique set of values from a specified field or set of fields. This operator is useful when you need to filter out duplicate entries and focus only on distinct values, such as unique user IDs, event types, or error codes within your datasets. Use the distinct
operator in scenarios where eliminating duplicates helps you gain clearer insights from your data, like when analyzing logs, monitoring system traces, or reviewing security incidents.
Splunk SPL users
dedup
command is often used to retrieve distinct values. In APL, the equivalent is the distinct
operator, which behaves similarly by returning unique values but without necessarily ordering them.ANSI SQL users
SELECT DISTINCT
to return unique rows from a table. In APL, the distinct
operator serves a similar function but is placed after the table reference rather than in the SELECT
clause.FieldName1, FieldName2, ...
: The fields to include in the distinct operation. If you specify multiple fields, the result will include rows where the combination of values across these fields is unique.distinct
operator returns a dataset with unique values from the specified fields, removing any duplicate entries.
distinct
operator helps identify unique users who made HTTP requests in a system.Queryid |
---|
user_123 |
user_456 |
user_789 |
distinct
.