Skip to content
Cruncher

endsWith

endsWith

✓ Boolean

Check if a string ends with the given suffix as a case-sensitive match

endsWith(string, suffix) → boolean
boolean

true if string ends with suffix, false otherwise; null if either input is null

Edge Cases

Section titled “Edge Cases”
  • If string is null, returns null
  • If suffix is null, returns null
  • Empty suffix "" matches any string (returns true)
  • Search is case-sensitive: endsWith("Production", "tion") returns false

Examples

Section titled “Examples”
| where endsWith(filename, ".log")

Matches records where filename ends with “.log”.

| eval is_json_file = endsWith(filename, ".json")

Creates a boolean field is_json_file that is true if the filename ends with “.json”.

| where endsWith(message, "success")

Filters to messages that indicate success.

Used In

Section titled “Used In”
  • where — as a filter condition
  • eval — to create a boolean field