Common Search Commands
The search commands that LogLogic EQL uses.
| command | Definition |
|---|---|
| USE | Defines the data models, which include the parsing configuration. For details, see USE Statement. |
| COLUMNS | Defines which columns should appear in search results. For details, see COLUMNS Statement. |
| GROUP BY | Groups search results based on specified columns. For details, see GROUP BY Statement. |
| SORT BY | Sorts search results based on the expression. For details, see Time Range Expressions. |
| LIMIT | Limits the size of search results to be displayed. For details, see LIMIT Statement. |
| For detailed information about filters, see FILTER Statement. | |
Copyright © Cloud Software Group, Inc. All rights reserved.