Examples Library
Important
This manual provides example LogScale queries, with each query described, line by line, to demonstrate not only the syntax of the queries, but also why the different syntax and expressions have been used to search the query data.
The content is currently being written and expanded, and more queries, and specifically more detailed and extensive queries are being added each day.
Search by query type, title, or function.
Recent Query ExamplesConcatenate Values From Nested Array Elements
Concatenate deeply nested objects and arrays using
objectArray:eval()function withconcat()Create Sankey Diagram Calculating Edge Thickness
Create a Sankey diagram calculating the edge thickness using the
sankey()function with an aggregatorSearch Accross Multiple Structured Fields
Search across multiple structured fields using the transpose() function within groupBy()
Preview And Output Several Lookup Files as Events With
readFile()Preview and output each .csv file as several events using the
readFile()functionFormat only XML data that is considered valid using the
xml:prettyPrint()functionFormat XML to a Max Line Length
Format XML in @rawstring field using the
xml:prettyPrint()function with custom formatting parameters setFormat XML in @rawstring field using the
xml:prettyPrint()functionSample Event Streams - Example 1
Sample events keeping only specified percentage of the events using the
sample()functionSample Event Streams - example 2
Sample events keeping only specified percentage of the events and sort by host using the
sample()function withgroupBy()andsort()Standardize Values And Combine Into Single Field
Standardize values using the
upper()andlower()functions and combine into single field withconcat()