circolog/docs/query.md

Query language

circolog uses an SQL-inspired query language. If you know SQL, you can use "where clauses" in circolog. If you don't know SQL, don't worry: the language is simple enough that you can learn the most basic queries without much effort.

You can only filter rows; you can't sort or group them in any way.

Reference

Available fields:

  • message: the string with the main information
  • app_name: sometimes also known as "program"
  • facility: an integer describing the facility (auth, daemon, user, etc.)
  • hostname: the hostname where the entry originated
  • timestamp: date in format 2019-01-07T15:28:58+01:00
  • severity: an integer describing severity