Skip to content
Cruncher

isNull

isNull

✓ Boolean

Check if a value is null or a field is missing

isNull(value) → boolean
boolean

true if value is null or field is missing, false otherwise

The isNull function returns true if the input value is null or undefined (field not present), otherwise false.

Edge Cases

Section titled “Edge Cases”
  • Distinguishes between null (explicit null value) and missing/undefined fields (both return true)
  • Empty strings "" are not null (returns false)
  • Zero 0 and false are not null (returns false)
  • null in a comparison like field == null is equivalent to isNull(field)

Examples

Section titled “Examples”
| where isNull(optional_field)

Matches records where optional_field is missing or null.

| eval has_user = !(isNull(user_id))

Creates a boolean field has_user that is true if user_id is present.

| where isNull(error_code)

Filters to successful records (no error code).

Used In

Section titled “Used In”
  • where — as a filter condition
  • eval — to create a boolean field