DataDog · maycmlee · May 11, 2026 · May 7, 2026 · May 7, 2026 · May 7, 2026
@@ -21,7 +21,7 @@ To set up the Deduplicate processor:
 1. In the **Type of deduplication** dropdown menu, select whether you want to `Match` on or `Ignore` the fields specified below.
     - If `Match` is selected, then after a log passes through, future logs that have the same values for all of the fields you specify below are removed.
     - If `Ignore` is selected, then after a log passes through, future logs that have the same values for all of their fields, *except* the ones you specify below, are removed.
-1.  Enter the fields you want to match on, or ignore. At least one field is required, and you can specify a maximum of three fields.
+1. Enter the fields you want to match on, or ignore. At least one field is required, and you can specify a maximum of three fields.
     - Use the path notation `<OUTER_FIELD>.<INNER_FIELD>` to match subfields. See the [Path notation example](#path-notation-example) below.
 1. Click **Add field** to add additional fields you want to filter on.
 
@@ -38,23 +38,8 @@ The default cache size is 5,000 messages (recommended). The cached messages are
 
 ### Path notation example
 
-For the following message structure:
-
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
-
-- Use `outer_key.inner_key` to refer to the key with the value `inner_value`.
-- Use `outer_key.inner_key.double_inner_key` to refer to the key with the value `double_inner_value`.
+{{% observability_pipelines/path_notation %}}
+
+{{% observability_pipelines/path_notation_dots %}}
 
 [1]: /observability_pipelines/search_syntax/logs/
@@ -50,24 +50,9 @@ To set up the rename field processor:
 
 ### Path notation example {#path-notation-example-remap}
 
- For the following message structure:
-
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
-
-- Use `outer_key.inner_key` to see the key with the value `inner_value`.
-- Use `outer_key.inner_key.double_inner_key` to see the key with the value `double_inner_value`.
+{{% observability_pipelines/path_notation %}}
+
+{{% observability_pipelines/path_notation_dots %}}
 
 [1]: /observability_pipelines/guide/remap_reserved_attributes
 [2]: /observability_pipelines/search_syntax/logs/

@@ -56,24 +56,9 @@ To set up this processor:
 
 ### Path notation example {#path-notation-example-parse-xml}
 
-For the following message structure:
+{{% observability_pipelines/path_notation %}}
 
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
-
-- Use `outer_key.inner_key` to see the key with the value `inner_value`.
-- Use `outer_key.inner_key.double_inner_key` to see the key with the value `double_inner_value`.
+{{% observability_pipelines/path_notation_dots %}}
 
 ### Always use text key example
 

@@ -91,24 +91,9 @@ After adding scanning rules from the library, you can edit each rule separately
 
 ### Path notation example
 
- For the following message structure:
-
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
+{{% observability_pipelines/path_notation %}}
 
-- Use `outer_key.inner_key` to refer to the key with the value `inner_value`.
-- Use `outer_key.inner_key.double_inner_key` to refer to the key with the value `double_inner_value`.
+{{% observability_pipelines/path_notation_dots %}}
 
 ## Set up the processor using Terraform
 

@@ -142,23 +142,8 @@ If the processor is splitting the arrays `"message.myfield.firstarray"` and `"se
 
 ### Path notation example {#path-notation-example-split-array}
 
-For the following message structure:
+{{% observability_pipelines/path_notation %}}
 
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
-
-- Use `outer_key.inner_key` to refer to the key with the value `inner_value`.
-- Use `outer_key.inner_key.double_inner_key` to refer to the key with the value `double_inner_value`.
+{{% observability_pipelines/path_notation_dots %}}
 
 [1]: /observability_pipelines/search_syntax/logs/
@@ -99,26 +99,9 @@ Here are some attribute search syntax examples and logs that match the syntax:
 
 #### Path notation
 
-To understand path notation, let's look at the following log structure:
+{{% observability_pipelines/path_notation %}}
 
-```json
-{
-    "outer_key": {
-        "inner_key": "inner_value",
-        "a": {
-            "double_inner_key": "double_inner_value",
-            "b": "b value"
-        },
-        "c": "c value"
-    },
-    "d": "d value"
-}
-```
-In this example, use the following reference rules:
-- Use `outer_key.inner_key` to reference the key with the value `inner_value`.
-- Use `outer_key.a.double_inner_key` to reference the key with the value `double_inner_value`.
-
-If you want to search for a literal `.` in the attribute key, wrap the key in escaped quotes in the search query. For example, the search query `"service.status":disabled` matches the event `{"service.status": "disabled"}`.
+If you want the query to search for a literal `.` in the attribute key, wrap the key in escaped quotes in the search query. For example, the search query `"service.status":disabled` matches the event `{"service.status": "disabled"}`.
 
 ### Arrays
 

@@ -0,0 +1,19 @@
+For this log structure example:
+
+```json
+{
+    "outer_key": {
+        "inner_key": "inner_value",
+        "a": {
+            "double_inner_key": "double_inner_value",
+            "b": "b value"
+        },
+        "c": "c value"
+    },
+    "d": "d value"
+}
+```
+
+Follow these reference rules:
+- Use `outer_key.inner_key` to reference the key with the value `inner_value`.
+- Use `outer_key.a.double_inner_key` to reference the key with the value `double_inner_value`.
@@ -0,0 +1 @@
+To specify a nested field with a literal `.` in the attribute key, wrap the key in escaped quotes in the search query. For example, the search query `"service.status":disabled` matches the event `{"service.status": "disabled"}`.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		To specify a nested field with a literal `.` in the attribute key, wrap the key in escaped quotes in the search query. For example, the search query `"service.status":disabled` matches the event `{"service.status": "disabled"}`.
Copy link Copy Markdown clementd-dd May 11, 2026 • edited Loading Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. nit: could this be merged with layouts/shortcodes/observability_pipelines/path_notation.en.md? are those ever displayed separately? Copy link Copy Markdown Contributor Author maycmlee May 11, 2026 Choose a reason for hiding this comment The reason will be displayed to describe this comment to others. Learn more. Hey @clementd-dd! I originally had this dot content in `layouts/shortcodes/observability_pipelines/path_notation.en.md` so there was only one shortcode. But then I realized the wording doesn't quite work for the log search syntax page, so I broke it out into a separate shortcode. are those ever displayed separately? If I'm understanding your question correctly, the answer is that it's not possible to split up the content within a shortcode, unfortunately.