TechQA.

siddhi count() returns a value per event, not for a group(or window)

234 views Asked by At 
define stream rawStream ( catBehavior string, catOutcome string, srcAddress string, deviceCat string, 
                         srcUsername string, catObject string, destAddress string, appProtocol string, 
                         testMinCount string , testGroupBy string );

@info(name = 'condition1')
from rawStream[ catBehavior == '/Authentication/Verify' ]
select srcAddress, catOutcome, deviceCat, srcUsername, destAddress, appProtocol, 
testMinCount, distinctcount( testMinCount ) as distinctMinCount, testGroupBy, count() as count
group by testGroupBy

insert into e1_OutputStream

this is the query I defined.and the events I sent are

rawStream=[/Authentication/Verify,FAIL,1.1.1.1,deviceCat,srcUsername,catObject,destAddress,appProtocol,dis0,group1]
...
rawStream=[/Authentication/Verify,FAIL,1.1.1.1,deviceCat,srcUsername,catObject,destAddress,appProtocol,dis9,group9]

and the result turns out that the count is ++ per event

[
  {
    "timestamp": 1482803288482,
    "data": [
      ...
      "dis0",
      1,
      "group1",
      1
    ],
    "isExpired": false
  }
][
  {
    "timestamp": 1482803288482,
    "data": [
      ...
      "dis9",
      9,
      "group9",
      9
    ],
    "isExpired": false
  }
]

but in the correlation part, I want to do correlate and one cond is filter a group(or window) like "if events in group(usename) >20 then" what should I do?

stream wso2 complex-event-processing siddhi
Original Q&A
0

There are 0 answers

Related Questions in STREAM

Related Questions in WSO2

Related Questions in COMPLEX-EVENT-PROCESSING

Related Questions in SIDDHI

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions