I have a string in my log file that consists of a list of URL query parameters which are automatically extracted to new fields, so source looks like...

graph?node=100021+101024&sort=product.review.avg_rating|desc&groupby=product.code&offset=0&nbins=8

From this automatic extractions produce new fields for each of the name-value pairs, so for example I end up with a new field node with a value of 100021+101024, the problem with this is that those values are a delimited list with a + delimiter. So I've added a stanza to transforms.conf to extract each value into a new field dim_val_id.

[dimvalid]

SOURCE_KEY = node

DELIMS = "+"

MV_ADD = true

FIELDS = "dim_val_id"

For some reason though I don't get a dim_val_id field unless I add | extract reload=t to my search query. If I remove the extract dim_val_id disappears. My theory is that the node hasn't been extracted yet when my transform runs and that is why I don't get a dim_val_id field. Does anyone know how to get around this or have another suggested approach?

As extra credit, this transform doesn't exactly work as I would like. Even-though I have specified MV_ADD = true I will only get the first value in my new field unless I list dim_val_id multiple times in the FIELDS list.