Logpoint - Search and Analytics - Search Query Language
7.7.1 (latest)
7.8.0
7.7.0
7.6.1
7.5.1
7.4.2
7.3.1
7.2.4
7.1.3
7.0.2
Table of Contents
Search Query Language
Simple Search
Single word
Multiple words
Phrases
Field values
Logical operators
And
Or
Not
Parentheses
Wildcards
Step
Lower and Upper
Time Functions
second
minute
hour
day
day of week
month
List
Table
Aggregators
chart
timechart
Available Aggregators
avg()
count()
distinct_count()
distinct_list()
list()
max() and min()
sum()
var()
One-to-One Commands
rex
norm
Important Consideration
fields
rename
Process Commands
AsciiConverter
Clean Char
Codec
Compare
Compare Network
Count Char
CountOf
Current Time
DatetimeDiff
Difference
DNS Cleanup
DNS Process
Domain Lookup
Entropy
Eval
Experimental Median Quartile Quantile
GEOIP
Grok
InRange
IP Lookup
JSON Expand
JSON Parser
ListLength
ListPercentile
Next
Percentile
Process lookup
Regex
SortList
String Concat
Summation
toList
toTable
WhoIsLookup
Filtering Commands
search
filter
latest
order by
limit <number>
Pattern Finding
Single Stream
Multiple Streams
Left Join
Right Join
Join
Followed by
Chaining of commands
Additional Notes
Process or Count
Conditional Expression
Forward Slash Expression
norm
timechart
Capturing normalized field values
Grok Patterns