search

Description

Performs data search.

danger

Using aggs in a query is only permitted when it follows commands that also operate with the internal storage mechanisms. These include source and peval. This condition must also be met for all subqueries in the query.

Syntax

search <compare>

Required Arguments

Parameter	Syntax	Description
`compare`	`<field> > \| >= \| == \| < \| <= \| != <field> \| <value>`	Conditional operation for data comparison

Search Modes

regex - search using regular expressions
wildcard - search using wildcard characters * and ?
cidr - search by subnet mask

Query Examples

Example #1
...
| search user="Ivanov" OR user="Mar*"

Example #2
...
| search count_result=5 AND nick="Iv*"

Example #3
...
| search regex place="(Ho|Mo)tel"

Example #4
...
| search wildcard name="An*li?"

Example #5
...
| search cidr host="10.78.0.0/16"

Example #6
...
| search cidr host="2001::/4"

Description​

Syntax​

Required Arguments​

Search Modes​

Query Examples​

Description

Syntax

Required Arguments

Search Modes

Query Examples