To run zq with a zql join, you need a way to specify the left file and the right file and input those files as separate input to a parallel input zql graph. We could add a "from" operator that refers generically to the source, but to keep the first steps simple, we will simply an option to zq to specify that the input files are to be used as inputs to a parallel zql query, e.g.,
This could be used generically beyond the scope of join, e.g., this would just intermix threat intel logs
within an edge graph computed from the logs file:
To run zq with a zql join, you need a way to specify the left file and the right file and input those files as separate input to a parallel input zql graph. We could add a "from" operator that refers generically to the source, but to keep the first steps simple, we will simply an option to zq to specify that the input files are to be used as inputs to a parallel zql query, e.g.,
This could be used generically beyond the scope of join, e.g., this would just intermix threat intel logs within an edge graph computed from the logs file:
At most one of the input files may be stdin. It is an error for the number of files to not match the number of parallel inputs to the zql query.
The join proc will be added in a subsequent PR.