Arbiter Built-in Functions¶

`append`¶

Function description: Appends a value to a list.

Function parameters:

li: The list to append to.
v: The value to append.

Return value:

list: The list with the appended value.

Example:

Example 0:

Script content:

v = [1, 2, 3]
v = append(v, 4)
printf("%v", v)

Standard output:

[1,2,3,4]

Example 1:

Script content:

v = [1, 2, 3]
v = append(v, "a", 1.1)
printf("%v", v)

Standard output:

[1,2,3,"a",1.1]

`b64dec`¶

Function prototype: fn b64dec(data: str) -> (str, bool)

Function description: Base64 decoding.

Function parameters:

data: Data that needs to be base64 decoded.

Return value:

str: The decoded string.
bool: Whether decoding is successful.

Example:

Example 0:

Script content:

v = "aGVsbG8sIHdvcmxk"
v, ok = b64dec(v)
if ok {
    printf("%v", v)
}

Standard output:

hello, world

`b64enc`¶

Function prototype: fn b64enc(data: str) -> (str, bool)

Function description: Base64 encoding.

Function parameters:

data: Data that needs to be base64 encoded.

Return value:

str: The encoded string.
bool: Whether encoding is successful.

Example:

Example 0:

Script content:

v = "hello, world"
v = b64enc(v)
printf("%v", v)

Standard output:

aGVsbG8sIHdvcmxk

`call_func`¶

Function prototype: fn call_func(name: str, kwargs: map = {}) -> map

Function description: Calling remote functions on the Function platform

Function parameters:

name: Remote function name.
kwargs: Parameter map, corresponding to **kwargs in Python.

Return value:

map:

Example:

Example 0:

Script content:

result = call_func("echo", {
    "arg_1": "1",
    "arg_2": [12,3],
    "key3": "true"
})
printf("%v", result)

Standard output:

{"error":"","message":"","ok":true,"reason":"","result":{"arg_1":"1","arg_2":[12,3],"kwargs":{"key3":"true"}}}

Example 1:

Script content:

result = call_func("echo", {"arg_2": [12,3]})
printf("%v", result)

Standard output:

{"detail":{"exeception":"TypeError(\"echo() missing 1 required positional argument: 'arg_1'\")"},"error":"call function failed, api status code 599","message":"Func task failed","ok":false,"reason":"EFuncFailed"}

`cast`¶

Function prototype: fn cast(val: bool|int|float|str, typ: str) -> bool|int|float|str

Function description: Convert the value to the target type.

Function parameters:

val: The value of the type to be converted.
typ: Target type. One of (bool, int, float, str).

Return value:

bool|int|float|str: The value after the conversion.

Example:

Example 0:

Script content:

v1 = "1.1"
v2 = "1"
v2_1 = "-1"
v3 = "true"

printf("%v; %v; %v; %v; %v; %v; %v; %v\n",
    cast(v1, "float") + 1,
    cast(v2, "int") + 1,
    cast(v2_1, "int"),
    cast(v3, "bool") + 1,

    cast(cast(v3, "bool") - 1, "bool"),
    cast(1.1, "str"),
    cast(1.1, "int"),
    cast(1.1, "bool")
)

Standard output:

2.1; 2; -1; 2; false; 1.1; 1; true

`cidr`¶

Function prototype: fn cidr(ip: str, mask: str) -> bool

Function description: Check the IP whether in CIDR block

Function parameters:

ip: The ip address
mask: The CIDR mask

Return value:

bool: Whether the IP is in CIDR block

Example:

Example 0:

Script content:

ip = "192.0.2.233"
if cidr(ip, "192.0.2.1/24") {
    printf("%s", ip)
}

Standard output:

192.0.2.233

Example 1:

Script content:

ip = "192.0.2.233"
if cidr(mask="192.0.1.1/24", ip=ip) {
    printf("%s", ip)
}

Standard output:

`delete`¶

Function prototype: fn delete(m: map, key: str)

Function description: Delete key from the map.

Function parameters:

m: The map for deleting key
key: Key need delete from map.

Example:

Example 0:

Script content:

v = {
    "k1": 123,
    "k2": {
        "a": 1,
        "b": 2,
    },
    "k3": [{
        "c": 1.1, 
        "d":"2.1",
    }]
}
delete(v["k2"], "a")
delete(v["k3"][0], "d")
printf("result group 1: %v; %v\n", v["k2"], v["k3"])

v1 = {"a":1}
v2 = {"b":1}
delete(key="a", m=v1)
delete(m=v2, key="b")
printf("result group 2: %v; %v\n", v1, v2)

Standard output:

result group 1: {"b":2}; [{"c":1.1}]
result group 2: {}; {}

`dql`¶

Function prototype: fn dql(query: str, qtype: str = "dql", limit: int = 10000, offset: int = 0, slimit: int = 0, time_range: list = []) -> map

Function description: Query data from the GuanceCloud using dql or promql.

Function parameters:

query: DQL or PromQL query statements.
qtype: Query language, One of dql or promql, default is dql.
limit: Query limit.
offset: Query offset.
slimit: Query slimit.
time_range: Query timestamp range, the default value can be modified externally by the script caller.

Return value:

map: Query response.

Example:

Example 0:

Script content:

v = dql("M::cpu limit 2 slimit 2")
v, ok = dump_json(v, "    ")
if ok {
    printf("%v", v)
}

Standard output:

{
    "series": [
        [
            {
                "columns": {
                    "time": 1744866108991,
                    "total": 7.18078381,
                    "user": 4.77876106
                },
                "tags": {
                    "cpu": "cpu-total",
                    "guance_site": "testing",
                    "host": "172.16.241.111",
                    "host_ip": "172.16.241.111",
                    "name": "cpu",
                    "project": "cloudcare-testing"
                }
            },
            {
                "columns": {
                    "time": 1744866103991,
                    "total": 10.37376049,
                    "user": 7.17009916
                },
                "tags": {
                    "cpu": "cpu-total",
                    "guance_site": "testing",
                    "host": "172.16.241.111",
                    "host_ip": "172.16.241.111",
                    "name": "cpu",
                    "project": "cloudcare-testing"
                }
            }
        ],
        [
            {
                "columns": {
                    "time": 1744866107975,
                    "total": 21.75562864,
                    "user": 5.69187959
                },
                "tags": {
                    "cpu": "cpu-total",
                    "guance_site": "testing",
                    "host": "172.16.242.112",
                    "host_ip": "172.16.242.112",
                    "name": "cpu",
                    "project": "cloudcare-testing"
                }
            },
            {
                "columns": {
                    "time": 1744866102975,
                    "total": 16.59466328,
                    "user": 5.28589581
                },
                "tags": {
                    "cpu": "cpu-total",
                    "guance_site": "testing",
                    "host": "172.16.242.112",
                    "host_ip": "172.16.242.112",
                    "name": "cpu",
                    "project": "cloudcare-testing"
                }
            }
        ]
    ],
    "status_code": 200
}

`dql_series_get`¶

Function prototype: fn dql_series_get(series: map, name: str) -> list

Function description: get series data

Function parameters:

series: dql query result
name: column or tag name

Return value:

list: specified column or tag value for the series

Example:

Example 0:

Script content:

v = dql("M::cpu limit 2 slimit 2") 

hostLi = dql_series_get(v, "host")
time_li = dql_series_get(v, "time")

printf("%v", {"host": hostLi, "time": time_li})

Standard output:

{"host":[["172.16.241.111","172.16.241.111"],["172.16.242.112","172.16.242.112"]],"time":[[1744866108991,1744866103991],[1744866107975,1744866102975]]}

`dql_timerange_get`¶

Function prototype: fn dql_timerange_get() -> list

Function description: Get the time range of the DQL query, which is passed in by the script caller or defaults to the last 15 minutes.

Return value:

list: The time range. For example, [1744214400000, 1744218000000], the timestamp precision is milliseconds

Example:

Example 0:

Script content:

val = dql_timerange_get()
printf("%v", val)

Standard output:

[1672531500000,1672532100000]

Example 1:

Script content:

val = dql_timerange_get()
printf("%v", val)

Standard output:

[1672531200000,1672532100000]

`dump_json`¶

Function prototype: fn dump_json(v: str, indent: str = "") -> (str, bool)

Function description: Returns the JSON encoding of v.

Function parameters:

v: Object to encode.
indent: Indentation prefix.

Return value:

str: JSON encoding of v.
bool: Whether decoding is successful.

Example:

Example 0:

Script content:

v = {"a": 1, "b": 2.1}
v, ok = dump_json(v)
if ok {
    printf("%v", v)
}

Standard output:

{"a":1,"b":2.1}

Example 1:

Script content:

v = {"a": 1, "b": 2.1}
v, ok = dump_json(v, "  ")
if ok {
    printf("%v", v)
}

Standard output:

{
  "a": 1,
  "b": 2.1
}

`exit`¶

Function prototype: fn exit()

Function description: Exit the program

Example:

Example 0:

Script content:

printf("1\n")
printf("2\n")
exit()
printf("3\n")

Standard output:

1
2

`format_int`¶

Function prototype: fn format_int(val: int, base: int) -> str

Function description: Formats an integer into a string.

Function parameters:

val: The integer to format.
base: The base to use for formatting. Must be between 2 and 36.

Return value:

str: The formatted string.

Example:

Example 0:

Script content:

v = format_int(16, 16)
printf("%s", v)

Standard output:

`geoip`¶

Function prototype: fn geoip(ip: str) -> map

Function description: GeoIP

Function parameters:

ip: IP address.

Return value:

map: IP geographical information.

Example:

Example 0:

Script content:

v = geoip("127.0.0.1")
printf("%v", v)

Standard output:

{"city":"","country":"","isp":"unknown","province":""}

Example 1:

Script content:

ip_addr = "114.114.114.114"
v, ok = dump_json(geoip(ip_addr), "    ");
if ok {
    printf("%v", v)
}

Standard output:

 {
    "city": "Ji'an",
    "country": "CN",
    "isp": "chinanet",
    "province": "Jiangxi"
}

`gjson`¶

Function description: GJSON provides a fast and easy way to get values from a JSON document.

Function parameters:

input: JSON format string to parse.
json_path: JSON path.

Return value:

bool|int|float|str|list|map: Parsed result.
bool: Parsed status.

Example:

Example 0:

Script content:

v='''{
    "name": {"first": "Tom", "last": "Anderson"},
    "age": 37,
    "children": ["Sara","Alex","Jack"],
    "fav.movie": "Deer Hunter",
    "friends": [
        {"first": "Dale", "last": "Murphy", "age": 44, "nets": ["ig", "fb", "tw"]},
        {"first": "Roger", "last": "Craig", "age": 68, "nets": ["fb", "tw"]},
        {"first": "Jane", "last": "Murphy", "age": 47, "nets": ["ig", "tw"]}
    ]
}'''
age, ok = gjson(v, "age")
if ok {
    printf("%.0f", age)
} else {
    printf("not found")
}

Standard output:

Example 1:

Script content:

v='''{
    "name": {"first": "Tom", "last": "Anderson"},
    "age": 37,
    "children": ["Sara","Alex","Jack"],
    "fav.movie": "Deer Hunter",
    "friends": [
        {"first": "Dale", "last": "Murphy", "age": 44, "nets": ["ig", "fb", "tw"]},
        {"first": "Roger", "last": "Craig", "age": 68, "nets": ["fb", "tw"]},
        {"first": "Jane", "last": "Murphy", "age": 47, "nets": ["ig", "tw"]}
    ]
}'''
name, ok = gjson(v, "name")
printf("%v", name)

Standard output:

{"first": "Tom", "last": "Anderson"}

Example 2:

Script content:

v='''[
    {"first": "Dale", "last": "Murphy", "age": 44, "nets": ["ig", "fb", "tw"]},
    {"first": "Roger", "last": "Craig", "age": 68, "nets": ["fb", "tw"]},
    {"first": "Jane", "last": "Murphy", "age": 47, "nets": ["ig", "tw"]}
]'''
net, ok = gjson(v, "0.nets.2")
printf("%v", net)

Standard output:

tw

`grok`¶

Function prototype: fn grok(input: str, pattern: str, extra_patterns: map = {}, trim_space: bool = true) -> (map, bool)

Function description: Extracts data from a string using a Grok pattern. Grok is based on regular expression syntax, and using regular (named) capture groups in a pattern is equivalent to using a pattern in a pattern. A valid regular expression is also a valid Grok pattern.

Function parameters:

input: The input string used to extract data.
pattern: The pattern used to extract data.
extra_patterns: Additional patterns for parsing patterns.
trim_space: Whether to trim leading and trailing spaces from the parsed value.

Return value:

map: The parsed result.
bool: Whether the parsing was successful.

Example:

Example 0:

Script content:

app_log="2021-01-11T17:43:51.887+0800  DEBUG io  io/io.go:458  post cost 6.87021ms"

# Use built-in patterns, named capture groups, custom patterns, extract fields;
# convert the type of the extracted field by specifying the type.
v, ok = grok(
    app_log,
    "%{TIMESTAMP_ISO8601:log_time}\\s+(?P<log_level>[a-zA-Z]+)\\s+%{WORD}\\s+%{log_code_pos_pattern:log_code_pos}.*\\s%{NUMBER:log_cost:float}ms", 
    {
        "log_code_pos_pattern": "[a-zA-Z0-9/\\.]+:\\d+", 
    }
)

if ok {
    v, ok = dump_json(v, "  ")
    if ok {
        printf("%v", v)
    }
}

Standard output:

{
  "log_code_pos": "io/io.go:458",
  "log_cost": 6.87021,
  "log_level": "DEBUG",
  "log_time": "2021-01-11T17:43:51.887+0800"
}

`hash`¶

Function prototype: fn hash(text: str, method: str) -> str

Function description:

Function parameters:

text: The string used to calculate the hash.
method: Hash Algorithms, allowing values including md5, sha1, sha256, sha512.

Return value:

str: The hash value.

Example:

Example 0:

Script content:

printf("%v", hash("abc", "md5"))

Standard output:

900150983cd24fb0d6963f7d28e17f72

Example 1:

Script content:

printf("%v", hash("abc", "sha1"))

Standard output:

a9993e364706816aba3e25717850c26c9cd0d89d

Example 2:

Script content:

printf("%v", hash("abc", "sha256"))

Standard output:

ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad

Example 3:

Script content:

printf("%v", hash("abc", "sha512"))

Standard output:

ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f

Example 4:

Script content:
```
printf("%v", hash("abc", "xx"))
```
Standard output:

`http_request`¶

Function prototype: fn http_request(method: str, url: str, body: bool|int|float|str|list|map = nil, headers: map = {}) -> map

Function description: Used to send http request.

Function parameters:

method: HTTP request method
url: HTTP request url
body: HTTP request body
headers: HTTP request headers

Return value:

map: HTTP response

Example:

Example 0:

Script content:

resp = http_request("GET", "http://test-domain/test")
delete(resp["headers"], "Date")
resp_str, ok = dump_json(resp, "    ")
printf("%s", resp_str)

Standard output:

{
    "body": "{\"code\":200, \"message\":\"success\"}",
    "headers": {
        "Content-Length": "33",
        "Content-Type": "application/json"
    },
    "status_code": 200
}

Example 1:

Script content:

resp = http_request("GET", "http://localhost:80/test")

# Usually, access to private IPs will be blocked,
# you need to contact the administrator.

resp_str, ok = dump_json(resp, "    ")
printf("%s", resp_str)

Standard output:

{
    "error": "Get \"http://localhost:80/test\": resolved IP 127.0.0.1 is blocked"
}

`len`¶

Function prototype: fn len(val: map|list|str) -> int

Function description: Get the length of the value. If the value is a string, returns the length of the string. If the value is a list or map, returns the length of the list or map.

Function parameters:

val: The value to get the length of.

Return value:

int: The length of the value.

Example:

Example 0:

Script content:
```
printf("%v", len("abc"))
```
Standard output:
```
3
```
Example 1:

Script content:
```
printf("%v", len([1, 2, 3]))
```
Standard output:
```
3
```

Example 2:

Script content:

printf("%v", len({"a": 1, "b": 2, "c": 3}))

Standard output:

`load_json`¶

Function description: Unmarshal json string

Function parameters:

val: JSON string.

Return value:

bool|int|float|str|list|map: Unmarshal result.
bool: Unmarshal status.

Example:

Example 0:

Script content:

jstr = '{"a": 1, "b": 2, "c": 3}'
v, ok = load_json(jstr)
if ok {
    printf("%v", v["b"])
}

Standard output:

`lowercase`¶

Function prototype: fn lowercase(val: str) -> str

Function description: Converts a string to lowercase.

Function parameters:

val: The string to convert.

Return value:

str: Returns the lowercase value.

Example:

Example 0:

Script content:
```
printf("%s", lowercase("ABC"))
```
Standard output:
```
abc
```

`match`¶

Function prototype: fn match(val: str, pattern: str, n: int = 1) -> (list, bool)

Function description: Regular expression matching.

Function parameters:

val: The string to match.
pattern: Regular expression pattern.
n: The number of matches to return. Defaults to 1, -1 for all matches.

Return value:

list: Returns the matched value.
bool: Returns true if the regular expression matches.

Example:

Example 0:

Script content:

text="abc def 123 abc def 123"
v, ok = match(text, "(abc) (?:def) (?P<named_group>123)")
if ok {
    printf("%v", v)
}

Standard output:

[["abc def 123","abc","123"]]

Example 1:

Script content:

text="abc def 123 abc def 123"
v, ok = match(text, "(abc) (?:def) (?P<named_group>123)", -1)
if ok {
    printf("%v", v)
}

Standard output:

[["abc def 123","abc","123"],["abc def 123","abc","123"]]

`parse_date`¶

Function prototype: fn parse_date(date: str, timezone: str = "") -> (int, bool)

Function description: Parses a date string to a nanoseconds timestamp, support multiple date formats. If the date string not include timezone and no timezone is provided, the local timezone is used.

Function parameters:

date: The key to use for parsing.
timezone: The timezone to use for parsing. If

Return value:

int: The parsed timestamp in nanoseconds.
bool: Whether the parsing was successful.

Example:

Example 0:

Script content:

v, ok = parse_date("2021-12-2T11:55:43.123+0800")
if ok {
    printf("%v", v)
}

Standard output:

1638417343123000000

Example 1:

Script content:

v, ok = parse_date("2021-12-2T11:55:43.123", "+8")
if ok {
    printf("%v", v)
}

Standard output:

1638417343123000000

Example 2:

Script content:

v, ok = parse_date("2021-12-2T11:55:43.123", "Asia/Shanghai")
if ok {
    printf("%v", v)
}

Standard output:

1638417343123000000

`parse_duration`¶

Function prototype: fn parse_duration(s: str) -> (int, bool)

Function description: Parses a golang duration string into a duration. A duration string is a sequence of possibly signed decimal numbers with optional fraction and unit suffixes for each number, such as 300ms, -1.5h or 2h45m. Valid units are ns, us (or μs), ms, s, m, h.

Function parameters:

s: The string to parse.

Return value:

int: The duration in nanoseconds.
bool: Whether the duration is valid.

Example:

Example 0:

Script content:

v, ok = parse_duration("1s")
if ok {
    printf("%v", v)
}

Standard output:

1000000000

Example 1:

Script content:

v, ok = parse_duration("100ns")
if ok {
    printf("%v", v)
}

Standard output:

`parse_int`¶

Function prototype: fn parse_int(val: str, base: int) -> (int, bool)

Function description: Parses a string into an integer.

Function parameters:

val: The string to parse.
base: The base to use for parsing. Must be between 2 and 36.

Return value:

int: The parsed integer.
bool: Whether the parsing was successful.

Example:

Example 0:

Script content:

v, ok = parse_int("123", 10)
if ok {
    printf("%v", v)
}

Standard output:

Example 1:

Script content:

v, ok = parse_int("123", 16)    
if ok {
    printf("%v", v)
}

Standard output:

`printf`¶

Function description: Output formatted strings to the standard output device.

Function parameters:

format: String format.
args: Argument list, corresponding to the format specifiers in the format string.

Example:

Example 0:

Script content:

printf("hello, %s", "world")

Standard output:

hello, world

`replace`¶

Function prototype: fn replace(input: str, pattern: str, replacement: str) -> (str, bool)

Function description: Replaces text in a string.

Function parameters:

input: The string to replace text in.
pattern: Regular expression pattern.
replacement: Replacement text to use.

Return value:

str: The string with text replaced.
bool: True if the pattern was found and replaced, false otherwise.

Example:

Example 0:

Script content:

v, ok = replace("abcdef", "bc", "123")
printf("%s", v)

Standard output:

a123def

Example 1:

Script content:

v, ok = replace("bonjour; 你好", "[\u4e00-\u9fa5]+", "hello")
printf("%s", v)

Standard output:

bonjour; hello

`sql_cover`¶

Function prototype: fn sql_cover(val: str) -> (str, bool)

Function description: Obfuscate SQL query string.

Function parameters:

val: The sql to obfuscate.

Return value:

str: The obfuscated sql.
bool: The obfuscate status.

Example:

Example 0:

Script content:

```txt v, ok = sql_cover("select abc from def where x > 3 and y < 5") if ok { printf("%s",v) }
```
Standard output:

```txt
select abc from def where x > ? and y < ?
```

Example 1:

Script content:

v, ok = sql_cover("SELECT $func$INSERT INTO table VALUES ('a', 1, 2)$func$ FROM users")
if ok {
    printf("%s",v)
}

Standard output:

SELECT ? FROM users

Example 2:

Script content:

v, ok = sql_cover("SELECT ('/uffd')")
if ok {
    printf("%s",v)
}

Standard output:

SELECT ( ? )

`str_join`¶

Function prototype: fn str_join(li: list, sep: str) -> str

Function description: String join.

Function parameters:

li: List to be joined with separator. The elements type need to be string, if not, they will be ignored.
sep: Separator to be used between elements.

Return value:

str: Joined string.

Example:

Example 0:

Script content:

v = str_join(["a", "b", "c"], "##")
printf("%s", v)

Standard output:

a##b##c

`strfmt`¶

Function description:

Function parameters:

format: String format.
args: Parameters to replace placeholders.

Return value:

str: String.

Example:

Example 0:

Script content:

v = strfmt("abc %s def %d", "123", 456)
printf("%s", v)

Standard output:

abc 123 def 456

`time_now`¶

Function prototype: fn time_now(precision: str = "ns") -> int

Function description: Get current timestamp with the specified precision.

Function parameters:

precision: The precision of the timestamp. Supported values: ns, us, ms, s.

Return value:

int: Returns the current timestamp.

Example:

Example 0:

Script content:
```
printf("%v", time_now("s"))
```
Standard output:
```
1745823860
```

`trigger`¶

Function prototype: fn trigger(result: int|float|bool|str, status: str = "", dimension_tags: map = {}, related_data: map = {})

Function description: Trigger a security event.

Function parameters:

result: Event check result.
status: Event status. One of: (critical, high, medium, low, info).
dimension_tags: Dimension tags.
related_data: Related data.

Example:

Example 0:

Script content:
```
trigger(1, "critical", {"tag_abc":"1"}, {"a":"1", "a1":2.1})

trigger(result=2, dimension_tags={"a":"1", "b":"2"}, related_data={"b": {}})

trigger(false, related_data={"a":1, "b":2}, status="critical")

trigger("hello", dimension_tags={}, related_data={"a":1, "b":[1]}, status="critical")
```
Standard output:
Trigger output:
```
                                           
```
name="__codelineno-109-1">[ { "result": 1, "status": "critical", "dimension_tags": { "tag_abc": "1" }, "related_data": { "a": "1", "a1": 2.1 } }, { "result": 2, "status": "", "dimension_tags": { "a": "1", "b": "2" }, "related_data": { "b": {} } }, { "result": false, "status": "critical", "dimension_tags": {}, "related_data": { "a": 1, "b": 2 } }, { "result": "hello", "status": "critical", "dimension_tags": {}, "related_data": { "a": 1, "b": [ 1 ] } } ]

`trim`¶

Function prototype: fn trim(val: str, cutset: str = "", side: int = 0) -> str

Function description: Removes leading and trailing whitespace from a string.

Function parameters:

val: The string to trim.
cutset: Characters to remove from the beginning and end of the string. If not specified, whitespace is removed.
side: The side to trim from. If value is 0, trim from both sides. If value is 1, trim from the left side. If value is 2, trim from the right side.

Return value:

str: The trimmed string.

Example:

Example 0:

Script content:
```
printf("%s", trim(" abcdef "))
```
Standard output:
```
abcdef
```

Example 1:

Script content:

printf("%s", trim("#-abcdef-#", "-#", 2))

Standard output:

#-abcdef

Example 2:

Script content:

printf("%s", trim("#-abcdef-#", "-#", 1))

Standard output:

abcdef-#

Example 3:

Script content:

printf("%s", trim("#-abcdef-#", side=0, cutset="-#"))

Standard output:

abcdef

`uppercase`¶

Function prototype: fn uppercase(val: str) -> str

Function description: Converts a string to uppercase.

Function parameters:

val: The string to convert.

Return value:

str: Returns the uppercase value.

Example:

Example 0:

Script content:
```
printf("%s", uppercase("abc"))
```
Standard output:
```
ABC
```

`url_decode`¶

Function prototype: fn url_decode(val: str) -> (str, bool)

Function description: Decodes a URL-encoded string.

Function parameters:

val: The URL-encoded string to decode.

Return value:

str: The decoded string.
bool: The decoding status.

Example:

Example 0:

Script content:

v, ok = url_decode("https:%2F%2Fkubernetes.io%2Fdocs%2Freference%2Faccess-authn-authz%2Fbootstrap-tokens%2F")
if ok {
    printf("%s", v)
}

Standard output:

https://kubernetes.io/docs/reference/access-authn-authz/bootstrap-tokens/

`url_parse`¶

Function prototype: fn url_parse(url: str) -> (map, bool)

Function description: Parses a URL and returns it as a map.

Function parameters:

url: The URL to parse.

Return value:

map: Returns the parsed URL as a map.
bool: Returns true if the URL is valid.

Example:

Example 0:

Script content:

v, ok = url_parse("http://www.example.com:8080/path/to/file?query=abc")
if ok {
    v, ok = dump_json(v, "  ")
    if ok {
        printf("%v", v)
    }
}

Standard output:

{
  "host": "www.example.com:8080",
  "params": {
    "query": [
      "abc"
    ]
  },
  "path": "/path/to/file",
  "port": "8080",
  "scheme": "http"
}

`user_agent`¶

Function prototype: fn user_agent(header: str) -> map

Function description: Parses a User-Agent header.

Function parameters:

header: The User-Agent header to parse.

Return value:

map: Returns the parsed User-Agent header as a map.

Example:

Example 0:

Script content:

v = user_agent("Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36")
printf("%s", v)

Standard output:

{"browser":"Chrome","browserVer":"96.0.4664.110","engine":"AppleWebKit","engineVer":"537.36","isBot":false,"isMobile":false,"os":"Intel Mac OS X 10_15_7","ua":"Macintosh"}

`valid_json`¶

Function prototype: fn valid_json(val: str) -> bool

Function description: Returns true if the value is a valid JSON.

Function parameters:

val: The value to check.

Return value:

bool: Returns true if the value is a valid JSON.

Example:

Example 0:

Script content:

ok = valid_json("{\"a\": 1, \"b\": 2}")
if ok {
    printf("true")
}

Standard output:

true

Example 1:

Script content:

ok = valid_json("1.1")
if ok {
    printf("true")
}

Standard output:

true

Example 2:

Script content:

ok = valid_json("str_abc_def")
if !ok {
    printf("false")
}

Standard output:

false

`value_type`¶

Function prototype: fn value_type(val: str) -> str

Function description: Returns the type of the value.

Function parameters:

val: The value to get the type of.

Return value:

str: Returns the type of the value. One of (bool, int, float, str, list, map, nil). If the value and the type is nil, returns nil.

Example:

Example 0:

Script content:
```
v = value_type(1)
printf("%s", v)
```
Standard output:
```
int
```
Example 1:

Script content:
```
printf("%s", value_type("abc"))
```
Standard output:
```
str
```
Example 2:

Script content:
```
printf("%s", value_type(true))
```
Standard output:
```
bool
```

`xml_query`¶

Function prototype: fn xml_query(input: str, xpath: str) -> (str, bool)

Function description: Returns the value of an XML field.

Function parameters:

input: The XML input to get the value of.
xpath: The XPath expression to get the value of.

Return value:

str: Returns the value of the XML field.
bool: Returns true if the field exists, false otherwise.

Example:

Example 0:

Script content:

xml_data='''
<OrderEvent actionCode = "5">
 <OrderNumber>ORD12345</OrderNumber>
 <VendorNumber>V11111</VendorNumber>
 </OrderEvent>
'''
v, ok = xml_query(xml_data, "/OrderEvent/OrderNumber/text()")
if ok {
    printf("%s", v)
}

Standard output:

ORD12345

Example 1:

Script content:

xml_data='''
<OrderEvent actionCode = "5">
 <OrderNumber>ORD12345</OrderNumber>
 <VendorNumber>V11111</VendorNumber>
 </OrderEvent>
'''
v, ok = xml_query(xml_data, "/OrderEvent/@actionCode")
if ok {
    printf("%s", v)
}

Standard output:

Arbiter Built-in Functions¶

append¶

b64dec¶

b64enc¶

call_func¶

cast¶

cidr¶

delete¶

dql¶

dql_series_get¶

dql_timerange_get¶

dump_json¶

exit¶

format_int¶

geoip¶

gjson¶

grok¶

hash¶

http_request¶

len¶

load_json¶

lowercase¶

match¶

parse_date¶

parse_duration¶

parse_int¶

printf¶

replace¶

sql_cover¶

str_join¶

strfmt¶

time_now¶

trigger¶

trim¶

uppercase¶

url_decode¶

url_parse¶

user_agent¶

valid_json¶

value_type¶

xml_query¶

Is this page helpful? ×

`append`¶

`b64dec`¶

`b64enc`¶

`call_func`¶

`cast`¶

`cidr`¶

`delete`¶

`dql`¶

`dql_series_get`¶

`dql_timerange_get`¶

`dump_json`¶

`exit`¶

`format_int`¶

`geoip`¶

`gjson`¶

`grok`¶

`hash`¶

`http_request`¶

`len`¶

`load_json`¶

`lowercase`¶

`match`¶

`parse_date`¶

`parse_duration`¶

`parse_int`¶

`printf`¶

`replace`¶

`sql_cover`¶

`str_join`¶

`strfmt`¶

`time_now`¶

`trigger`¶

`trim`¶

`uppercase`¶

`url_decode`¶

`url_parse`¶

`user_agent`¶

`valid_json`¶

`value_type`¶

`xml_query`¶