|
@@ -0,0 +1,21 @@
|
|
|
+Query language
|
|
|
+===================
|
|
|
+
|
|
|
+circolog uses a sql-inspired query language. If you know SQL, then you can use "where clauses" in circolog. If
|
|
|
+you don't know SQL, don't worry: the language is easy enough for you to learn the most basic queries without
|
|
|
+worrying too much.
|
|
|
+
|
|
|
+You can only filter the rows, you can't sort them or group them in any way.
|
|
|
+
|
|
|
+Reference
|
|
|
+-----------
|
|
|
+
|
|
|
+Available fields:
|
|
|
+ - `message`: the string with the main information
|
|
|
+ - `app_name`: also known as "program" sometimes
|
|
|
+ - `facility`: an integer describing auth, daemon, user, etc.
|
|
|
+ - `hostname`: the hostname where the entry originated
|
|
|
+ - `timestamp`: date in format `2019-01-07T15:28:58+01:00`
|
|
|
+ - `severity`: an integer describing severity
|
|
|
+
|
|
|
+
|