Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding strip function to remove leading and trailing whitespace from … #4

Open
wants to merge 9 commits into
base: master
Choose a base branch
from
Open

Adding strip function to remove leading and trailing whitespace from … #4

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
196173f
Adding strip function to remove leading and trailing whitespace from …
Sep 4, 2019
1a1c12f
Merge branch 'master' of https://github.com/endgameinc/eql into featu…
Jan 9, 2020
2adb5a0
Broke lstrip() and rstrip() out into separate functions per https://g…
Jan 13, 2020
8bfc837
Fixed linter warnings in fuctions.py
Jan 13, 2020
eca2846
Adding tests for strip(), lstrip(), and rstrip()
Jan 13, 2020
77dd49a
Updated documentation to reflect strip, lstrip, and rstrip
Jan 14, 2020
7429dc5
Merge branch 'master' into feature/strip
reidgilman Feb 3, 2021
22cf1b5
final fix
reidgilman Feb 3, 2021
9d65fda
removed trailing whitespace
reidgilman Feb 3, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Merge branch 'master' of https://github.com/endgameinc/eql into featu… 
…re/strip
  • Loading branch information
ch200025 authored and ch200025 committed Jan 9, 2020
commit 1a1c12f5e2ebf1aef2f34bbdc0069bcb6182971d
14 changes: 14 additions & 0 deletions docs/query-guide/functions.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -172,6 +172,20 @@ math, string manipulation or more sophisticated expressions to be expressed.
:param: trailing: strip whitespace from the end of ``s``. Default is ``True``.

Returns a string with whitespace removed from the beginning and end of input string ``s``.
.. function:: substring(source [, start, end])

Extracts a substring between from another string between ``start`` and ``end``.
Like other EQL functions, ``start`` and ``end`` are zero-indexed positions in the string.
Behavior is similar to Python's `string slicing`_ (``source[start:end]``), and negative offsets are supported.

.. code-block:: eql

substring("event query language", 0, 5) // returns "event"
substring("event query language", 0, length("event")) // returns "event"
substring("event query language", 6, 11) // returns "query"
substring("event query language", -8) // returns "language"
substring("event query language", -length("language")) // returns "language"
substring("event query language", -5, -1)) // returns "guag"

.. function:: subtract(x, y)

Expand Down
You are viewing a condensed version of this merge commit. You can view the full changes here.