Can't "Pivot to Values" after applying fuse #3098
Description
Repro is with Zui commit 942b10f.
A common workflow for our pcap users is to do a count() by _path to see categories of Zeek events and then right-click Pivot to Values to see the individual records for a particular category, e.g., http.
As shown in the attached video, this workflow can be foiled when Suricata are also generated from the pcap. The Suricata records lack a _path field and therefore end up with error(missing) in the output of count() by _path. If the user does Pivot to Values on the original output, everything still works fine. However, if they follow the app's guidance and apply fuse to first turn the aggregation output into a tidy table, the Pivot to Values silently fails.
Repro.mp4
As shown in the video, the error in DevTools console looks like:
Uncaught Error: Can't convert object to Zed script:
{
"type": {
"types": [
{
"kind": "primitive",
"name": "string"
},
{
"type": {
"kind": "primitive",
"name": "string"
},
"kind": "error"
}
],
"kind": "union"
},
"innerType": {
"kind": "primitive",
"name": "string"
},
"index": 0,
"value": {
"value": "http",
"type": {
"kind": "primitive",
"name": "string"
}
}
}
Peeking at the code, it appears that the app is just not prepared to deal with the Zed "union" values that result from applying fuse. I think I see a possible fix, so I'll put up a PR.