Query Library
New postPost queries you find useful or lookup examples to help get you started with searching your data.
Show all
Sort by comments
-
Metrics Operators Cheat Sheet Pinned5 votes 1 comment
-
New Log Operators Cheat Sheet Pinned2 votes 0 comments
-
How do I write a query to list all the keys in a json log?1 vote 15 comments
-
TLD Parser0 votes 7 comments
-
Are there in group by operators for String fields0 votes 6 comments
-
My template parameters don't work0 votes 6 comments
-
Send alert only once0 votes 6 comments
-
Set default values in parsing0 votes 5 comments
-
Time frame0 votes 4 comments
-
Replace _sourceName for count0 votes 4 comments
-
ELB parsing specific field values. Part II0 votes 4 comments
-
Regex - Multi0 votes 3 comments
-
AD query for user creation and deletion in short period of time0 votes 3 comments
-
Combining two results from different queries0 votes 3 comments
-
Geo Lookup without IP0 votes 3 comments
-
Security-Related Queries for Windows2 votes 3 comments
-
Parsing URL correctly1 vote 3 comments
-
Parsing Non-Structured Fields0 votes 3 comments
-
Mapping your Client IPs (Using Geo Lookup)0 votes 3 comments
-
Querying using if statement0 votes 2 comments
-
how to timeslice by a parsed timestamp field0 votes 2 comments
-
Conditional Operator0 votes 2 comments
-
Reconcile ID's present in one source category but absent in another0 votes 2 comments
-
Parse Same Field Multiple Times0 votes 2 comments
-
Sorting0 votes 2 comments
-
Searches for "After-Hours" Activity0 votes 2 comments
-
lookup operator with compareCIDRPrefix0 votes 2 comments
-
Use _count as column (subquery)0 votes 2 comments