Bloks

To analyze your data faster, you can create different types of Bloks in TIBCO OI Hawk RedTail to help you accelerate your search process.

A Blok is a contextual element or filter that fits with other elements to form a search query. Bloks are reusable elements of a query. You can combine many types of Bloks together to create complex queries. Build and save different Bloks that can be used in future searches rather than searching every time by manually typing the same filter.

TIBCO OI Hawk RedTail supports the following types of Bloks:

Filter Bloks: contain filter statements, aggregation rules.

Time Bloks: contain absolute and relative time ranges.

You can have one or more filters in a Blok. If you realize that you need to add another filter to the existing Blok, you can add more filters or build another Blok.

You can add new Bloks and modify existing Bloks from the All tab in the Bloks page. Similarly, you can manage all types of Bloks in a central location by clicking the Queries > Bloks page.

Filter Bloks

You can create filter Bloks that contain one or more filters.

Each filter comprises one or more terms. A filter Blok supports valid EQL or SQL statements.

You can have one or more filters in a Blok. If you realize that you need to add another filter to the existing Blok, you can add more filters or build another Blok. Multiple Bloks of different types can be used in a single search query. For detailed information about valid filters, see FILTER Statement.

Time Bloks

Analyzing events based on a certain time range can help correlate results and find the root cause faster.

You can narrow your search results to a specific time range using the Time Blok. You can use the preset time Blok or create your custom time Blok that you can use any time. Each time Blok is translated in a statement before executing the query. You can define the absolute or relative time. For valid time ranges, see Time Range Expressions.