...
In the initial search, the user enters a search query of simple criteria, and the search is executed on all the event data. In this simple search, the user can search the event data for a simple term or more than one term, perform a Boolean search, a search with wildcards, or a comparison a column-based search.
The execution of the search query returns a list of all matching events from all relevant logs (latest on top). In addition, XpoSearch returns a graphical view of the distribution of the matching events over time and per data source.
...
The resulting events of a simple search can be minimized by refining the search results using either or both of the following methods:
- Performing a Filtered Search – filtering the resulting events according to the source of the event – logs, files, applications, or servers
- Performing an Analytics-based Search – adding one of the event data fields discovered during the simple search to the search criteria of the simple search
...