
@brettmillerb
Created June 16, 2020 21:34
Splunk New-SearchQuery
# Example 1: two status-message values and a single monitor name.
# Each key matches a New-SearchQuery parameter name so the table can be splatted.
$newSearchQuerySplat = @{
    index           = 'sitescope3'
    SlAppId         = 'alteryx'
    SlStatusMessage = @('cpu', 'memory')   # several values are OR-ed together
    SlMonName       = 'prod'
    SourceType      = 'sitescope'
    HostName        = 'hidden'
}

# Splatting binds every hashtable entry to the parameter of the same name.
New-SearchQuery @newSearchQuerySplat

Output

index=sitescope3 slappid="alteryx" AND (slstatusmessage="cpu" OR slstatusmessage="memory") AND (slmonname="prod") sourcetype=sitescope host=hidden
# Example 2: as above, but with two monitor names so both groups contain an OR.
$newSearchQuerySplat = @{
    index           = 'sitescope3'
    SlAppId         = 'alteryx'
    SlStatusMessage = @('cpu', 'memory')
    SlMonName       = @('prod', 'dcof')
    SourceType      = 'sitescope'
    HostName        = 'hidden'
}

# Splatting binds every hashtable entry to the parameter of the same name.
New-SearchQuery @newSearchQuerySplat

Output

index=sitescope3 slappid="alteryx" AND (slstatusmessage="cpu" OR slstatusmessage="memory") AND (slmonname="prod" OR slmonname="dcof") sourcetype=sitescope host=hidden
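function New-SearchQuery {
    <#
    .SYNOPSIS
    Builds a Splunk search string from discrete filter values.

    .DESCRIPTION
    Emits "index=<index> slappid=<app>" followed by optional filters:
    an AND-ed group of OR-ed slstatusmessage terms, an AND-ed group of OR-ed
    slmonname terms, then sourcetype and host terms.

    Every value is treated as literal text. Quoted values have backslashes and
    double quotes escaped, and the terms that are normally written bare (index,
    sourcetype, host) are quoted whenever they contain anything other than
    letters, digits, '_', '.', ':', '*' or '-'. A value containing a quote,
    whitespace or a pipe therefore stays inside its own term instead of
    changing the structure of the search. Callers must not pre-escape values.

    NOTE: index and slappid are always emitted, even when the caller did not
    supply them (they then render as empty terms).

    .PARAMETER index
    Splunk index to search.

    .PARAMETER SlAppId
    Value for the slappid field.

    .PARAMETER SlStatusMessage
    One or more slstatusmessage values; several values are OR-ed together.

    .PARAMETER SlMonName
    One or more slmonname values; several values are OR-ed together.

    .PARAMETER SourceType
    Value for the sourcetype field.

    .PARAMETER HostName
    Value for the host field.

    .OUTPUTS
    System.String. The assembled search string.
    #>
    [CmdletBinding()]
    param (
        [string]
        $index,

        [string]
        $SlAppId,

        [string[]]
        $SlStatusMessage,

        [string[]]
        $SlMonName,

        $SourceType,

        $HostName
    )

    # Wraps a value in double quotes. Backslashes are doubled first so that the
    # backslash added in front of each quote is not itself re-escaped, and so a
    # trailing backslash in the input cannot swallow the closing quote.
    function ConvertTo-SplQuotedValue {
        param ([string] $Value)
        '"{0}"' -f $Value.Replace('\', '\\').Replace('"', '\"')
    }

    # Keeps simple tokens bare (matching the original output format) and falls
    # back to a quoted, escaped value for anything else. \A and \z anchor the
    # whole string so a trailing newline cannot slip through.
    function ConvertTo-SplBareValue {
        param ([string] $Value)
        if ($Value -match '\A[A-Za-z0-9_.:*-]*\z') {
            $Value
        }
        else {
            ConvertTo-SplQuotedValue -Value $Value
        }
    }

    $queryString = [System.Text.StringBuilder]::new()

    [void]$queryString.Append('index={0}' -f (ConvertTo-SplBareValue -Value $index))
    [void]$queryString.Append(' slappid={0}' -f (ConvertTo-SplQuotedValue -Value $SlAppId))

    if ($PSBoundParameters.ContainsKey('SlStatusMessage')) {
        $statusTerms = $SlStatusMessage | ForEach-Object {
            'slstatusmessage={0}' -f (ConvertTo-SplQuotedValue -Value $_)
        }
        [void]$queryString.Append(' AND ({0})' -f ($statusTerms -join ' OR '))
    }

    if ($PSBoundParameters.ContainsKey('SlMonName')) {
        $monitorTerms = $SlMonName | ForEach-Object {
            'slmonname={0}' -f (ConvertTo-SplQuotedValue -Value $_)
        }
        [void]$queryString.Append(' AND ({0})' -f ($monitorTerms -join ' OR '))
    }

    if ($PSBoundParameters.ContainsKey('SourceType')) {
        # Render through -f first: the parameter is untyped, and this keeps the
        # same string the original formatting produced before it is checked.
        $sourceTypeText = '{0}' -f $SourceType
        [void]$queryString.Append(' sourcetype={0}' -f (ConvertTo-SplBareValue -Value $sourceTypeText))
    }

    if ($PSBoundParameters.ContainsKey('HostName')) {
        $hostText = '{0}' -f $HostName
        [void]$queryString.Append(' host={0}' -f (ConvertTo-SplBareValue -Value $hostText))
    }

    $queryString.ToString()
}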