Basic Trix Queries
Query | Explanation |
|---|---|
* in log.audit | trix trix.uniqueIds.fields = (thread) | thread column as a unique id - mandatory |
* in log.audit | trix trix.uniqueIds.fields = (thread) trix.uniqueSubIds.fields = (user) | user column as an optional unique key |
* in log.audit | trix trix.uniqueIds.fields = (thread) trix.uniqueSubIds.fields = (user) cep.name=(session id) | The name for each transaction will be determined by the session id value |
* in log.audit | trix trix.uniqueIds.fields = (thread) trix.uniqueSubIds.fields = (user) cep.name=(session id) cep.groups=(session id) | groups list will be determined by the session id values |
* in log.audit | trix trix.uniqueIds.fields = (thread) trix.uniqueSubIds.fields = (user) cep.name=(session id) cep.groups=(session id) type=(thread) | types list will be determined by the thread values |
Data-filtered Trix Queries
Query | Explanation |
|---|---|
* in log.audit | trix trix.uniqueIds.fields = (thread) cepNode.maxEventLimit=3 | Max number of events for each transaction |
* in log.audit | trix trix.uniqueIds.fields = (thread) startRule = (message contains opened) endRule = (message contains login) | Start and End conditions |
* in log.audit | trix trix.uniqueIds.fields = (thread) cepNode.timeframe.limit = (5 seconds) | The transaction will be closed after limit-Time has expired |
* in log.audit | trix trix.uniqueIds.fields = (thread) cepNode.event.timeframe.limitFromStart = (10 minutes) | Only events which are less than limitTimeFromStart from the first event will be added to the transaction. |
Complex Trix Queries