Queries in VMware Aria Operations for Logs can retrieve and summarize events.
You can create and save queries from the Interactive Analysis page. A query consists of one or more of the following:
- Keywords
- Complete, or full-text, alphanumeric, hyphen, and/or underscore matches.
- Globs
- Complete, or full-text, alphanumeric, hyphen, and/or underscore matches.
- Regular expressions
- Sophisticated string pattern matching based on Java regular expressions.
- Field operations
- Keyword, regular expression, and pattern matches applied to extracted fields.
- Aggregations
- Functions that are applied to one or more subgroups of the results.
VMware Aria Operations for Logs supports the following types of queries:
- Message. A query made up of keywords, regular expressions and/or field operations.
- Regular expression or field. A query made up of keywords and/or regular expressions.
- Aggregation. A query made up of a function, one or more groupings, and any number of fields.
You can define custom alerts inVMware Aria Operations for Logs and trigger them from scheduled queries of any type.
