Query Library
New postPost queries you find useful or lookup examples to help get you started with searching your data.
Show no status
Sort by comments
-
Searches for "After-Hours" Activity0 votes 2 comments
-
lookup operator with compareCIDRPrefix0 votes 2 comments
-
Use _count as column (subquery)0 votes 2 comments
-
Hide count paramterin my chart0 votes 2 comments
-
finding the ratio of aggregated result?1 vote 2 comments
-
different count with contains0 votes 2 comments
-
count_distinct with a regularcount0 votes 2 comments
-
Query messages before and after errors1 vote 2 comments
-
list of collector's host name0 votes 2 comments
-
Finding the duration of a process using the time stamp from a log file0 votes 2 comments
-
ELB parsing specific field values0 votes 2 comments
-
AD query for successful login from multiple IP’s1 vote 2 comments
-
Parse a specific string start and stop position?0 votes 2 comments
-
Are my Collectors ingesting data0 votes 2 comments
-
create alert for no data seen0 votes 1 comment
-
IIS binded site query0 votes 1 comment
-
convert decimal value to IP address2 votes 1 comment
-
Calculate a value from two log queries0 votes 1 comment
-
Enumerate Systems/Sources Monitored0 votes 1 comment
-
"cannot parse string as number"0 votes 1 comment
-
Successful Logins Query Request0 votes 1 comment
-
Correlation search0 votes 1 comment
-
Sorting seems not working0 votes 1 comment
-
What is the correct query for the below findings?0 votes 1 comment
-
$DATE is getting displayed on logcompare0 votes 1 comment
-
log compare not showing only new type of logs0 votes 1 comment
-
Flatten array in message to multiple records0 votes 1 comment
-
Query on collector type0 votes 1 comment