Operational Intelligence Query Language

Operational Intelligence Query Language is intuitive and efficient: you can search large datasets and view results in seconds. Search queries support the following languages:

Event Query Language (EQL)
Structured Query Language (SQL) dialect

EQL and SQL are equally capable for searching, but their syntax differs in some cases. EQL is easy to use; however, SQL is more commonly used, and writing queries in SQL is easier because existing SQL tools are available. Using EQL, you can define filters, regular expressions, sources, and time ranges.