Contents x
Select
  • 1 Minute to read
  • Contributors
  • Print
  • Dark
    Light
  • PDF
Contents

Select

  • 1 Minute to read
  • Contributors
  • Print
  • Dark
    Light
  • PDF

The Select pipe will help you retrieve only the data that you want and will help you to combine data from different sources.

Basic Syntax:

The basic syntax for a Select pipe is as follows:

Stream=stream_name | groupby column_name | select column_name

Here,

  • Stream is Firewall
  • Groupby function allows to organize similar data into groups i.e. groupby destination country.
  • Select function helps you to retrieve records from one or more tables, the records retrieved are known as a result set.

Let's now look at a practical example:

stream=firewall | groupby dstcn |select dstcn

This query will retrieve all fields for each event where the stream is a firewall, select and group it as per the destination country as shown below:

image.png

Was this article helpful?
What's Next

Cookie consent

By entering and using this site, you consent to the use of only necessary cookies to enhance your site experience and improve our services.