cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using CASE in DPL

AntonioSousa
DynaMight Guru
DynaMight Guru

When using DPL, namely in Logs Classic, we sometimes have to check and convert values.

One great example is converting trap severity OID values into their corresponding loglevel's in Dynatrace.

I have managed to make my first conversion, and it goes like this:

 

 

USING (INOUT "CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0":STRING ) | FIELDS_ADD( loglevel: (
case
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '1' then 'CRITICAL'
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '2' then 'ERROR'
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '3' then 'SEVERE'
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '4' then 'WARN'
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '5' then 'NOTICE'
 when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '6' then 'INFO'
 else "NONE"
end
) )

 

 

 

While I still want to confirm if these loglevel's are the best match, I believe it is pretty self-explanatory.
BTW, the Cisco definition is:

 

 

1—Critical
2—Major
3—Minor
4—Warning
5—Clear
6—Info

 

 

 

Also, thanks for this great finding: https://community.dynatrace.com/t5/Log-Analytics/Log-Processing-CASE-WHEN-THEN-ELSE-END-Documentatio...

Antonio Sousa
0 REPLIES 0

Featured Posts