getyear function in APL to extract the year part from a datetime value. The function returns an integer representing the calendar year.
You can use getyear to group records by year when analyzing multi-year trends, comparing annual performance, or building year-level summaries. This is useful for dashboards, long-term reporting, and historical analysis.
Use it when you want to:
- Aggregate events by year for trend analysis.
- Compare metrics across years to detect growth or decline.
- Create year-level summaries across log, trace, or security datasets.
For users of other query languages
If you come from other query languages, this section explains how to adjust your existing queries to achieve the same results in APL.Splunk SPL users
Splunk SPL users
In Splunk SPL, you typically use the
strftime function with the %Y specifier to extract the four-digit year. In APL, the getyear function directly returns the year as an integer.ANSI SQL users
ANSI SQL users
In ANSI SQL, you use
EXTRACT(YEAR FROM timestamp) or the YEAR() function to get the year. In APL, getyear provides the same result.Usage
Syntax
Parameters
| Name | Type | Description |
|---|---|---|
| datetime | datetime | The input datetime value. |
Returns
Anint representing the year.
Use case examples
- Log analysis
- OpenTelemetry traces
- Security logs
Count HTTP requests by year to understand long-term traffic trends.QueryRun in PlaygroundOutput
This query groups HTTP log entries by year and counts the total requests per year.
| year | request_count |
|---|---|
| 2024 | 52340 |
| 2025 | 61892 |
List of related functions
- getmonth: Extracts the month number from a datetime as an integer.
- dayofyear: Returns the day number within the year from a datetime.
- monthofyear: Returns the month number from a datetime. Equivalent to
getmonth. - startofyear: Returns the start of the year for a datetime, useful for year-level binning.
- endofyear: Returns the end of the year for a datetime value.