tencent cloud

Feedback

WHERE Syntax

Last updated: 2022-04-18 15:19:46

    The WHERE statement is used to extract the logs that meet the specified conditions.

    Syntax Format

    * | SELECT column (KEY) WHERE column (KEY) operator value
    

    The operator can be =, <>, >, <, >=, <=, BETWEEN, IN, or LIKE.

    Note:

    • In SQL, search conditions deliver higher performance than filters. You are advised to use search conditions to meet data filtering requirements. For example, you can use status:>400 | select count(*) as logCounts instead of * | select count(*) as logCounts where status>400 to get the statistical result faster.
    • The WHERE statement does not allow the AS clause. For example, if level:* | select level as log_level where log_level='ERROR' is run, an error will be reported because the statement does not comply with the SQL-92 specifications.

    Syntax Example

    Query logs with status code greater than 400 in the log data:

    * | SELECT * WHERE status > 400
    

    Query the number of logs whose request method is GET and client IP is 192.168.10.101 in the log data:

    * | SELECT count(*) as count WHERE method='GET' and remote_addr='192.168.10.101'
    

    Count the average size of requests with the URL suffix of .mp4:

    * | SELECT round(sum(body_bytes_sent) / count(body_bytes_sent), 2) AS avg_size  WHERE url like '%.mp4'
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support