Hello,
I have the following search, which works fine and returns the proper result "RCA_MEMORY":
|makeresults
| eval mysearch =
[
|dbxquery query="call \"ML\".\"ML.PROCEDURES::PR_ALERT_TYPE_ANALYSING_LAST_MINUTES_AND_MISSING_DATA_ALL_HOSTS\"('BWP', to_timestamp(to_nvarchar('2019-07-16 18:53:00', 'YYYY-MM-DD HH24:MI'),'YYYY-MM-DD HH24:MI'), ?)" connection="HANA_MLBSO"
| eval mysearch = if(like(RCA_TO_REPORT, "%MEMORY%"), "\"RCA_MEMORY\"",
(if(like(RCA_TO_REPORT, "%CPU%"), "\"RCA_CPU\"", 0)))
| return $mysearch
]
| eval f1 = "\""
| strcat f1 mysearch f1 mysearchname
| return $mysearchname
But when I now wrap it and pass to the savedsearch command, I get the following error:
Error in 'eval' command: Failed to parse the provided arguments. Usage: eval dest_key = expression
The code loos as follows:
|savedsearch [
|makeresults
| eval mysearch =
[
|dbxquery query="call \"ML\".\"ML.PROCEDURES::PR_ALERT_TYPE_ANALYSING_LAST_MINUTES_AND_MISSING_DATA_ALL_HOSTS\"('BWP', to_timestamp(to_nvarchar('2019-07-16 18:53:00', 'YYYY-MM-DD HH24:MI'),'YYYY-MM-DD HH24:MI'), ?)" connection="HANA_MLBSO"
| eval mysearch = if(like(RCA_TO_REPORT, "%MEMORY%"), "\"RCA_MEMORY\"",
(if(like(RCA_TO_REPORT, "%CPU%"), "\"RCA_CPU\"", 0)))
| return $mysearch
]
| eval f1 = "\""
| strcat f1 mysearch f1 mysearchname
| return $mysearchname
]
Please advice.
Kind regards,
Kamil