Table of Contents
Advertisement
1
About the AQL
Query CLI
U
SING THE
You can use the AQL Event and Flow Query Command Line Interface (CLI) to
access flows and events stored in the Ariel database. This document provides
information on accessing and using the AQL query CLI including:
About the AQL Query CLI
•
Accessing the AQL Query CLI
•
Using a Select Statement
•
•
Using Where Clauses
•
Using the Group By Clause
Using the Order By Clause
•
Using the Count(*) Clause
•
Using the Distinct Clause
•
Using the Count (Distinct ...) Clause
•
Using the Materialize View Clause
•
•
Using the Like Clause
•
Using the Describe Statement
The AQL event and flow query CLI allows you to access raw flows and events
stored in the Aerial database. The AQL query CLI includes syntax that is a subset
of the SQL92 standard and provides support for two tables: events and flows.
Note: The AQL CLI does not provide support for joining tables.
The AQL Event and Flow Query CLI functions in the following modes:
Interactive mode - Using a simple shell, you can enter queries interactively
•
and view the results in a standard output. At the query prompt, any valid AQL
statement is accepted. If time is not specified (using
options), the last minute is assumed as the time range. You can also access
previous commands by using your up arrow. This is the default mode.
Non-interactive mode - You can enter the non-interactive mode by adding the
•
-execute <AQL query>
command must be followed by a valid AQL query surrounded by double quotes.
AQL Event and Flow Query CLI Guide
AQL Q
UERY
parameter to the command. The
CLI
and
-start
-end
-execute
Advertisement
Table of Contents
