1
0
Fork 0
forked from boyska/circolog

docs on query language. closes #6

This commit is contained in:
boyska 2019-01-07 15:43:25 +01:00
parent 0121ba64b5
commit c1ae059712

21
docs/query.md Normal file
View file

@ -0,0 +1,21 @@
Query language
===================
circolog uses a sql-inspired query language. If you know SQL, then you can use "where clauses" in circolog. If
you don't know SQL, don't worry: the language is easy enough for you to learn the most basic queries without
worrying too much.
You can only filter the rows, you can't sort them or group them in any way.
Reference
-----------
Available fields:
- `message`: the string with the main information
- `app_name`: also known as "program" sometimes
- `facility`: an integer describing auth, daemon, user, etc.
- `hostname`: the hostname where the entry originated
- `timestamp`: date in format `2019-01-07T15:28:58+01:00`
- `severity`: an integer describing severity