14 Nov 2024 01:21 AM - last edited on 26 Nov 2024 10:51 AM by Michal_Gebacki
When using DPL, namely in Logs Classic, we sometimes have to check and convert values.
One great example is converting trap severity OID values into their corresponding loglevels in Dynatrace.
I have managed to make my first conversion, and it goes like this:
USING (INOUT "CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0":STRING )
| FIELDS_ADD( loglevel: (
    case
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '1' then 'CRITICAL'
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '2' then 'ERROR'
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '3' then 'SEVERE'
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '4' then 'WARN'
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '5' then 'NOTICE'
      when COLUMN("CISCO-SMI::ciscoMgmt.311.1.1.2.1.17.0") == '6' then 'INFO'
      else "NONE"
    end
) )
While I still want to confirm if these loglevels are the best match, I believe it is pretty self-explanatory.
BTW, the Cisco definition is:
1—Critical
2—Major
3—Minor
4—Warning
5—Clear
6—Info
Also, thanks for this great finding: https://community.dynatrace.com/t5/Log-Analytics/Log-Processing-CASE-WHEN-THEN-ELSE-END-Documentatio...