Currently, semi structured data must be stringified and defined as a string type. Subsequently, it is always treated as a string type (e.g. in detections).
Goal
Add a JSON or object type that represents JSON/object data. This can be auto-coerced to physical type string for the Iceberg schema. We can use this information to provide additional features for detections and searching.
Overview
Currently, semi structured data must be stringified and defined as a string type. Subsequently, it is always treated as a string type (e.g. in detections).
Goal
Add a JSON or object type that represents JSON/object data. This can be auto-coerced to physical type string for the Iceberg schema. We can use this information to provide additional features for detections and searching.
Notes