QueryDefinitionDto

Query definition

Properties

QueryConstraint

constraints Required

Constraints for the query associated with this dataset

string

name Required

A unique query name

array of AggregationFunction

aggregationFunctions Optional

List of aggregate field and function names

string

contentPackId Optional

ID of the content pack that this query belongs to if the query is part of a content pack

string

description Optional

Detailed description of the query definition

array of GroupByTerm

groupByTerms Optional

List of ‘group by’ field names and types

string

queryId Optional

A unique query identifier

array of RelationFunction

relationFunctions Optional

List of relation names and types. The allowed relation type includes: LOGS

string

source Optional

All allowed sources of query, which include: USER_DEFINED

Possible values are: USER_DEFINED

JSON Example

Show optional properties

{
	"constraints": {
		"constraints": "QueryConstraint Object",
		"operator": "AND"
	},
	"name": "string"
}

{
	"aggregationFunctions": [
		{
			"fieldName": "string",
			"functionName": "COUNT"
		}
	],
	"constraints": {
		"constraints": "QueryConstraint Object",
		"fieldName": "string",
		"operator": "AND",
		"tags": [
			"string"
		],
		"value": "string"
	},
	"contentPackId": "string",
	"description": "string",
	"groupByTerms": [
		{
			"fieldName": "string",
			"groupByType": "EACH_VALUE"
		}
	],
	"name": "string",
	"queryId": "string",
	"relationFunctions": [
		{
			"relationName": "string",
			"relationType": "LOGS",
			"shardInfo": {
				"key": "string"
			}
		}
	],
	"source": "USER_DEFINED"
}

[{"label":"Latest (v1)","version":"latest"}]

vmware-aria-operations-for-logs

Property Of

AlertDefinitionDto

QueryDefinitionDto

Properties

JSON Example

Property Of

Was this page helpful?