Try this:
data record(content = "This is test logs ~AB:4~CD:3~CD:6~EF:5~AB:3")
| fieldsAdd parts = splitString(content, "~")
| expand parts
| filter contains(parts, ":")
| parse parts, "LD:key ':' LONG:value"
| summarize
AB = arrayRemoveNulls(collectArray(if(key == "AB", value, else: NULL))),
CD = arrayRemoveNulls(collectArray(if(key == "CD", value, else: NULL))),
EF = arrayRemoveNulls(collectArray(if(key == "EF", value, else: NULL))),
by: { content }
| fieldsAdd
`arraymax(AB)` = arrayMax(AB),
`arraymin(AB)` = arrayMin(AB),
`arraymax(CD)` = arrayMax(CD),
`arraymin(CD)` = arrayMin(CD)
you should revice this:
Featured Posts
