jq code. Recently, I've been checking out zq and evaluating it as a jq replacement.zq in more detail, while it looks similar on the surface, it's pretty different under the hood and I've been tripped up by a few things along the way. The goal with these posts is to try and flatten the learning curve for folks also coming over from jq.zq to folks familiar with jq. I also want to thank Phil Rzewski from the Brim team, who's been incredibly helpful, both in their support Slack and in the GitHub repo, fielding my questions patiently and thoughtfully.| Post | tl;dr |
| ZqSearchIsFirstClass | Searching is an integral part of aggregation and transformation, but compared to jq, zq search is first class. |
| ZqImpliedOperatorsCanTrickYou | Did you make a change and now there's no output? It's probably the search implied operator hiding the fact that you tried to pipe something to a function like you would in jq, but that's not how it works. See previous post. |
| ZqPipeCharacter | You can't use | everywhere, esp. not in or between Expressions. Only in-between Dataflow Operators. |
| ZqFunctionsNeedParens | Functions always have to be called with parens. If you don't, the search implied operator will getchya. |
| ZqUserOperatorsNeedParens | While built-in dataflow operators do not take parens, user-defined ones must. If you don't, (all together now) the search implied operator will getchya. |
| ZqLateralSubquery | How to drop down a level of JSON while parsing. |
jq, why bother? In addition to wrangling JSON data, zq has a host of additional features that make it not just a decent replacement of jq, but a solid upgrade.jq can too with a special option); it supports multiple input & output formats: from csv to Parquet and more (including groking log files a la Logstash); it can naturally join data together in a relational fashion from either files or its own Data Lake, and supports a form of gradual typing of your data with Shaping.