forked from boyska/circolog
docs on query language. closes #6
This commit is contained in:
parent
0121ba64b5
commit
c1ae059712
1 changed files with 21 additions and 0 deletions
21
docs/query.md
Normal file
21
docs/query.md
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
Query language
|
||||||
|
===================
|
||||||
|
|
||||||
|
circolog uses a sql-inspired query language. If you know SQL, then you can use "where clauses" in circolog. If
|
||||||
|
you don't know SQL, don't worry: the language is easy enough for you to learn the most basic queries without
|
||||||
|
worrying too much.
|
||||||
|
|
||||||
|
You can only filter the rows, you can't sort them or group them in any way.
|
||||||
|
|
||||||
|
Reference
|
||||||
|
-----------
|
||||||
|
|
||||||
|
Available fields:
|
||||||
|
- `message`: the string with the main information
|
||||||
|
- `app_name`: also known as "program" sometimes
|
||||||
|
- `facility`: an integer describing auth, daemon, user, etc.
|
||||||
|
- `hostname`: the hostname where the entry originated
|
||||||
|
- `timestamp`: date in format `2019-01-07T15:28:58+01:00`
|
||||||
|
- `severity`: an integer describing severity
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue