Hi @vn_g 

There might be a more dynamic solution that I can't think of right now, but this should work for you:

| makeresults
| eval MINIMUM_VERSION_REQUIRED="3.9.209767"
| eval COMPARE_VERSION="3.6.105"
| eval MINIMUM_VERSION_REQUIRED=replace(MINIMUM_VERSION_REQUIRED,"\.","")
| eval COMPARE_VERSION=replace(COMPARE_VERSION,"\.","")

| eval zero_count=len(COMPARE_VERSION)-len(MINIMUM_VERSION_REQUIRED)
| eval MINIMUM_VERSION_REQUIRED=case(zero_count<=0,MINIMUM_VERSION_REQUIRED,zero_count=1,MINIMUM_VERSION_REQUIRED+"0",zero_count=2,MINIMUM_VERSION_REQUIRED+"00",zero_count=3,MINIMUM_VERSION_REQUIRED+"000")
| eval COMPARE_VERSION=case(zero_count>=0,COMPARE_VERSION,zero_count=-1,COMPARE_VERSION+"0",zero_count=-2,COMPARE_VERSION+"00",zero_count=-3,COMPARE_VERSION+"000")

If the length (~count of numbers) is different between the two version fields, it will add trailing zeros to make it match. Now you can compare.

This works with up to 3 more (or less) numbers in the two version fields (like compare 3.9.1. with 3.5.12.32)
If you expect even more sub/minor versions to compare, you would have to extend the two case statements with zero_count=4, VERSION_FIELD+"0000"  etc.

BR
Ralph

| makeresults
| eval MINIMUM_VERSION_REQUIRED="3.9.2"
| eval COMPARE_VERSION="3.12.9"
| eval MINIMUM_VERSION_REQUIRED=replace(MINIMUM_VERSION_REQUIRED,"\.","")
| eval COMPARE_VERSION=replace(COMPARE_VERSION,"\.","")
| eval zero_count=len(COMPARE_VERSION)-len(MINIMUM_VERSION_REQUIRED)
| eval MINIMUM_VERSION_REQUIRED=case(zero_count<=0,MINIMUM_VERSION_REQUIRED,zero_count=1,MINIMUM_VERSION_REQUIRED+"0",zero_count=2,MINIMUM_VERSION_REQUIRED+"00",zero_count=3,MINIMUM_VERSION_REQUIRED+"000",zero_count=4,MINIMUM_VERSION_REQUIRED+"0000")
| eval COMPARE_VERSION=case(zero_count>=0,COMPARE_VERSION,zero_count=-1,COMPARE_VERSION+"0",zero_count=-2,COMPARE_VERSION+"00",zero_count=-3,COMPARE_VERSION+"000",zero_count=-4,COMPARE_VERSION+"0000")
| where COMPARE_VERSION < MINIMUM_VERSION_REQUIRED 

In the above case it still gives incorrect results . The COMPARE_VERSION  field value is not less than MINIMUM_VERSION_REQUIRED.

Ah, shoot. That's right. You challenge me 😛

I guess we have to define something like major version, minor version a, minor version to make it work...

Is there a max number of dots that you expect?

I mean, you seem to have 3.12.9 (major version + minor version a + minor version b) ...can there also be 3.12.9.4? (minor version c)?

Yes , there can also be 3.12.9.4. Max number of dots can be 6.

Solved it one simple eval statement 😛

The SPL I have looks a bit too much for the use case. But it works now (I know, I said this earlier...so please double check 🙂 )

| makeresults
| eval MINIMUM_VERSION="3.9.2"
| eval COMPARE_VERSION="3.5.2.1"

| eval  
MINIMUM_VERSION_major=mvindex(split(MINIMUM_VERSION,"."),0), 
MINIMUM_VERSION_minora=mvindex(split(MINIMUM_VERSION,"."),1), 
MINIMUM_VERSION_minorb=mvindex(split(MINIMUM_VERSION,"."),2),
MINIMUM_VERSION_minorc=mvindex(split(MINIMUM_VERSION,"."),3),
MINIMUM_VERSION_minord=mvindex(split(MINIMUM_VERSION,"."),4), 
MINIMUM_VERSION_minore=mvindex(split(MINIMUM_VERSION,"."),5),
MINIMUM_VERSION_minorf=mvindex(split(MINIMUM_VERSION,"."),6),

COMPARE_VERSION_major=mvindex(split(COMPARE_VERSION,"."),0),
COMPARE_VERSION_minora=mvindex(split(COMPARE_VERSION,"."),1),
COMPARE_VERSION_minorb=mvindex(split(COMPARE_VERSION,"."),2),
COMPARE_VERSION_minorc=mvindex(split(COMPARE_VERSION,"."),3),
COMPARE_VERSION_minord=mvindex(split(COMPARE_VERSION,"."),4),
COMPARE_VERSION_minore=mvindex(split(COMPARE_VERSION,"."),5),
COMPARE_VERSION_minorf=mvindex(split(COMPARE_VERSION,"."),6),

COMPARE_VERSION_minora = if(isnull(COMPARE_VERSION_minora),"0",COMPARE_VERSION_minora),
COMPARE_VERSION_minorb = if(isnull(COMPARE_VERSION_minorb),"0",COMPARE_VERSION_minorb),
COMPARE_VERSION_minorc = if(isnull(COMPARE_VERSION_minorc),"0",COMPARE_VERSION_minorc),
COMPARE_VERSION_minord = if(isnull(COMPARE_VERSION_minord),"0",COMPARE_VERSION_minord),
COMPARE_VERSION_minore = if(isnull(COMPARE_VERSION_minore),"0",COMPARE_VERSION_minore),
COMPARE_VERSION_minorf = if(isnull(COMPARE_VERSION_minorf),"0",COMPARE_VERSION_minorf),

MINIMUM_VERSION_minora = if(isnull(MINIMUM_VERSION_minora),"0",MINIMUM_VERSION_minora),
MINIMUM_VERSION_minorb = if(isnull(MINIMUM_VERSION_minorb),"0",MINIMUM_VERSION_minorb),
MINIMUM_VERSION_minorc = if(isnull(MINIMUM_VERSION_minorc),"0",MINIMUM_VERSION_minorc),
MINIMUM_VERSION_minord = if(isnull(MINIMUM_VERSION_minord),"0",MINIMUM_VERSION_minord),
MINIMUM_VERSION_minore = if(isnull(MINIMUM_VERSION_minore),"0",MINIMUM_VERSION_minore),
MINIMUM_VERSION_minorf = if(isnull(MINIMUM_VERSION_minorf),"0",MINIMUM_VERSION_minorf),

major_smaller = if(COMPARE_VERSION_major < MINIMUM_VERSION_major,"true","false"),
minora_smaller = if(COMPARE_VERSION_minora < MINIMUM_VERSION_minora,"true","false"),
minorb_smaller = if(COMPARE_VERSION_minorb < MINIMUM_VERSION_minorb,"true","false"),
minorc_smaller = if(COMPARE_VERSION_minorc < MINIMUM_VERSION_minorc,"true","false"),
minord_smaller = if(COMPARE_VERSION_minord < MINIMUM_VERSION_minord,"true","false"),
minore_smaller = if(COMPARE_VERSION_minore < MINIMUM_VERSION_minore,"true","false"),
minorf_smaller = if(COMPARE_VERSION_minorf < MINIMUM_VERSION_minorf,"true","false"),

smaller_global = 
if(major_smaller="true", "true",
if(minora_smaller="true", "true",
if(minorb_smaller="true", "true",
if(minorc_smaller="true", "true",
if(minord_smaller="true", "true",
if(minore_smaller="true", "true",
if(minorf_smaller="true", "true","false"
)))))))

 | fields MINIMUM_VERSION, COMPARE_VERSION, smaller_global

The 2 blocks with mvindex are assigning the major and minor versions to fields.
Next 2 blocks fills "0" for the minor versions that don't exist.
Then we compoare the major and minor versions one by one and in the last eval for the smaller_global field is the main logic...if major is smaller = true, else if minora is smaller=true, else....

I guess the SPL can be shortened with some FOREACH magic, or when you skip assigning the major and minor versions to fields and work with the mvindex statement directly . But it would be less readable I think...

Hi Ralph,

Thankyou so much for your time.

| eval MINIMUM_VERSION="3.9.2"
| eval COMPARE_VERSION="3.11.0" 

The above is showing incorrect results.

smaller_global = 
if(major_smaller="true", "true",
if(minora_smaller="true", "true",
if(minorb_smaller="true", "true",
if(minorc_smaller="true", "true",
if(minord_smaller="true", "true",
if(minore_smaller="true", "true",
if(minorf_smaller="true", "true","false"
)))))))

 Guess the above conditions needs to be re-valuated. 

Thanks,

Nagasri.G

This query is working as expected. Thankyou so much.

If your problem is resolved, then please click the "Accept as Solution" button to help future readers.