github.com/siglens/siglens@v0.0.0-20240328180423-f7ce9ae441ed/cicd/restart.csv

github.com/siglens/siglens@v0.0.0-20240328180423-f7ce9ae441ed/cicd/restart.csv (about)

     1  *,now-90d,now,*,total,eq,10000,Pipe QL
     2  app_name=Oxam,now-90d,now,*,total,gt,0,Pipe QL
     3  batch=batch-*,now-90d,now,*,total,eq,10000,Pipe QL
     4  min(zip) groupby batch,now-90d,now,*,total,,100,Pipe QL
     5  Sunday,now-90d,now,*,total,gt,1,Pipe QL
     6  hortensebaumbach@emard.io,now-1d,now,*,total,gt,0,Pipe QL
     7  http_status>400,now-1d,now,*,total,gt,0,Pipe QL
     8  cardinality(user_email),now-1d,now,*,total,,1,Pipe QL
     9  """https://picsum.photos/127/459""",now-1d,now,*,total,eq,2,Pipe QL
    10  latency<18580 AND app_name=Stresscrawl,now-1d,now,*,total,eq,1,Pipe QL
    11  """MintCream""",now-1d,now,*,total,eq,750,Pipe QL
    12  "(MintCream AND (""Thursday"" OR ""Monday""))",now-1d,now,*,total,eq,212,Pipe QL
    13  "(MintCream AND (""Thursday"" OR ""Monday"")) | min(latency) groupby state",now-1d,now,*,total,eq,212,Pipe QL
    14  latency<10000 AND latitude>0 AND longitude > 0,now-1d,now,*,total,eq,27,Pipe QL
    15  404,now-1d,now,*,total,gt,100,Pipe QL
    16  404 OR 500,now-1d,now,*,total,gt,100,Pipe QL
    17  min(latency),now-1d,now,*,group:min(latency):*,eq,110,Pipe QL
    18  "min(latency) groupby city, http_method",now-1d,now,*,group:min(latency):Boston:POST,eq,5479,Pipe QL
    19  "select batch as bt",now-1d,now,*,total,gt,100,SQL
    20  "select weekday",now-1d,now,*,total,gt,1,SQL
    21  "select gender as bt, city as `ct` from ind-0",now-1d,now,*,total,gt,0,SQL
    22  "select batch as bt order by batch",now-1d,now,*,total,gt,100,SQL
    23  "select batch as bt order by batch desc",now-1d,now,*,total,gt,100,SQL
    24  "select batch as bt order by batch asc",now-1d,now,*,total,gt,100,SQL
    25  "{app_name=""Oxam""}",now-1d,now,*,total,gt,0,Log QL
    26  "{batch=""batch-*""}",now-1d,now,*,total,gt,100,Log QL
    27  "{weekday=""Sunday""} |= ""Sunday""",now-1d,now,*,total,gt,1,Log QL
    28  "{batch=""batch-*""} | json",now-1d,now,*,total,gt,100,Log QL
    29  "{gender=""female""} | http_status>400",now-1d,now,*,total,gt,0,Log QL
    30  "{gender=""female"",city=""Fresno""} != ""batch-212""",now-1d,now,*,total,gt,100,Log QL
    31  "{weekday=""Sunday""} | json",now-1d,now,*,total,gt,1,Log QL
    32  "{gender=""female"",city=""Fresno""} | json city_life=""city"", single_gender=""gender""",now-1d,now,*,total,gt,100,Log QL
    33  "{gender=""female"",city=""Fresno""} | logfmt city_life=""city"", single_gender=""gender""",now-1d,now,*,total,gt,100,Log QL
    34  "{weekday=""Sunday""} | logfmt",now-1d,now,*,total,gt,1,Log QL
    35  "count_over_time({batch=""batch-*""}[1d])", now-1d,now,*,total,gt,100,Log QL
    36  app_name=Oxam,now-90d,now,*,total,gt,0,Splunk QL
    37  search app_name=Oxam,now-90d,now,*,total,gt,0,Splunk QL
    38  search Sunday,now-90d,now,*,total,gt,1,Splunk QL
    39  search http_status>400,now-1d,now,*,total,gt,0,Splunk QL
    40  search 404,now-1d,now,*,total,gt,100,Splunk QL
    41  search 404 OR 500,now-1d,now,*,total,gt,100,Splunk QL
    42  search latency<18580 AND app_name=Stresscrawl,now-1d,now,*,total,eq,1,Splunk QL
    43  search MintCream AND Thursday OR Monday,now-1d,now,*,total,eq,212,Splunk QL
    44  search (MintCream AND Thursday) OR Monday,now-1d,now,*,total,gt,212,Splunk QL
    45  search    (   MintCream    AND   Thursday  )   OR   Monday,now-1d,now,*,total,gt,212,Splunk QL
    46  search MintCream Thursday OR Monday,now-1d,now,*,total,eq,212,Splunk QL
    47  search NOT (city!=Boston OR NOT weekday=Friday),now-1d,now,*,total,eq,135,Splunk QL
    48  search batch=batch-*,now-90d,now,*,total,eq,10000,Splunk QL
    49  latency<10000 | search latitude>0 | search longitude>0,now-1d,now,*,total,eq,27,Splunk QL
    50  latency<10000 | latitude>0 | search longitude>0,now-1d,now,*,total,gt,10,Splunk QL
    51  "search batch=batch-5 | regex city=""^[A-L][a-z]+\s[a-zA-Z]+$""",now-1d,now,*,total,eq,15,Splunk QL
    52  "search batch=batch-5 | regex city!=""^[A-L][a-z]+\s[a-zA-Z]+$""",now-1d,now,*,total,eq,77,Splunk QL
    53  batch=batch-10|stats count,now-1d,now,*,group:count(*):*,eq,114,Splunk QL
    54  batch=batch-10 | stats count,now-1d,now,*,group:count(*):*,eq,114,Splunk QL
    55  batch=batch-10 | stats count(http_method),now-1d,now,*,group:count(http_method):*,eq,114,Splunk QL
    56  batch=batch-10 | stats distinct_count(http_method),now-1d,now,*,group:cardinality(http_method):*,eq,6,Splunk QL
    57  city=Boston | stats min(latitude),now-1d,now,*,group:min(latitude):*,eq,-89.901,Splunk QL
    58  city=Boston | stats max(latitude),now-1d,now,*,group:max(latitude):*,eq,89.982,Splunk QL
    59  city=Boston | stats range(latitude),now-1d,now,*,group:range(latitude):*,eq,179.884,Splunk QL
    60  city=Boston | stats avg(latitude),now-1d,now,*,group:avg(latitude):*,eq,0.403,Splunk QL
    61  city=Boston | stats sum(latitude),now-1d,now,*,group:sum(latitude):*,eq,416.553,Splunk QL
    62  city=Boston | stats values(gender),now-1d,now,*,group:values(gender):*,eq,"female&nbspmale",Splunk QL
    63  "batch=batch-10 | stats count, min(latitude), max(latitude)",now-1d,now,*,group:max(latitude):*,eq,89.228,Splunk QL
    64  batch=batch-10 | stats count BY city,now-1d,now,*,group:count(*):St. Louis,eq,2,Splunk QL
    65  "batch=batch-10 | stats count BY city, http_status",now-1d,now,*,group:count(*):St. Louis:200,eq,1,Splunk QL
    66  "404 | fields city, weekday",now-1d,now,*,total,gt,100,Splunk QL
    67  "404 | ```Only keep city and weekday columns``` fields city, weekday",now-1d,now,*,total,gt,100,Splunk QL
    68  404 | fields http*,now-1d,now,*,total,gt,100,Splunk QL
    69  city=Boston | stats count AS Count BY weekday,now-1d,now,*,group:Count:Monday,eq,145,Splunk QL
    70  city=Boston | stats count AS Count BY weekday | eval Append123=Count . 123, now-1d,now,*,group:Append123:Monday,eq,145123,Splunk QL
    71  city=Boston | stats count AS Count BY zip | eval Summary=Count . zip, now-1d,now,*,group:Summary:85833,eq,285833,Splunk QL
    72  city=Boston | stats count AS Count BY zip | eval Average=(Count + zip) / 2,now-1d,now,*,group:Average:31414,eq,15707.5,Splunk QL
    73  city=Boston | stats count AS Count BY http_status | eval abs=abs(http_status - 1000),now-1d,now,*,group:abs:400,eq,600,Splunk QL
    74  city=Boston | stats count AS Count BY weekday | eval ceil=ceil(Count + 0.1),now-1d,now,*,group:ceil:Thursday,eq,157,Splunk QL
    75  city=Detroit | stats count AS Count BY latitude | where latitude > 89.6 | eval round=round(latitude),now-1d,now,*,group:round:89.982058,eq,90,Splunk QL
    76  city   =     Detroit | stats    count   AS   Count   BY   latitude | where   latitude>    89.6 | eval round  =  round(  latitude),now-1d,now,*,group:round:89.982058,eq,90,Splunk QL
    77  "city=Detroit | stats count AS Count BY latitude | where latitude > 89.6 | eval round=round(latitude, 3)",now-1d,now,*,group:round:89.982058,eq,89.982,Splunk QL
    78  city=Columbus | stats count AS Count BY http_status | eval sqrt=sqrt(http_status + 200),now-1d,now,*,group:sqrt:200,eq,20,Splunk QL
    79  city=Boston | stats count AS Count BY app_name | eval len=len(app_name) | where len > 22,now-1d,now,*,group:len:MediumSeaGreenstupidity,eq,23,Splunk QL
    80  "city=Boston | stats count AS Count BY state | eval myField=""Test concat:"" . lower(state) . "" end""",now-1d,now,*,group:myField:New Hampshire,eq,Test concat:new hampshire end,Splunk QL
    81  "city=Boston | stats count AS Count BY state | eval myField=ltrim(state, ""Ma"") . "" test end""",now-1d,now,*,group:myField:Massachusetts,eq,ssachusetts test end,Splunk QL
    82  "city=Boston | stats count AS Count BY state | eval myField=""test "" . "" start:"" . rtrim(state, ""nd"")",now-1d,now,*,group:myField:Maryland,eq,test  start:Maryla,Splunk QL
    83  "city=Boston | stats count AS Count BY http_status | eval myField=if(http_status > 400, http_status + 10, ""Error"")",now-1d,now,*,group:myField:500,eq,510,Splunk QL
    84  "city=Boston | stats count AS Count BY http_status | eval myField=if(http_status > 400, http_status, ""Error"")",now-1d,now,*,group:myField:400,eq,Error,Splunk QL
    85  "city=Boston | stats count AS Count BY http_status | where http_status in(404, 301, ""abc"")",now-1d,now,*,total,eq,1032,Splunk QL
    86  "city=Boston | stats count AS Count BY state | eval myField=if(in(state, ""Mary"" . ""land"", ""Hawaii"", 99 + 1), state . "" Success"", ""Error"")",now-1d,now,*,group:myField:Maryland,eq,Maryland Success,Splunk QL
    87  "city=Boston | stats count AS Count BY state | eval myField=if(in(state, ""Mary"" . ""land"", ""Hawaii"", 99 + 1), state . "" Success"", ""Error"")",now-1d,now,*,group:myField:Washington,eq,Error,Splunk QL
    88  "city=Boston | stats count AS Count BY country | eval result=if(isstr(country), ""This is a string"", ""This is not a string"")",now-1d,now,*,group:result:Iraq,eq,This is a string,Splunk QL
    89  "city=Boston | stats count AS Count BY http_status | eval result=if(isint(http_status), ""This is an integer"", ""This is not an integer"")",now-1d,now,*,group:result:500,eq,This is an integer,Splunk QL
    90  "city=Boston | stats count AS Count BY city | eval result=if(isbool(city), ""This is a boolean value"", ""This is not a boolean value"")",now-1d,now,*,group:result:Boston,eq,This is not a boolean value,Splunk QL
    91  "city=Boston | stats count AS Count BY state | eval result=if(isnull(state), ""This is a null value"", ""This is not a null value"")",now-1d,now,*,group:result:Maine,eq,This is not a null value,Splunk QL
    92  "city=Boston | stats count AS Count BY http_status | eval result=urldecode(""http%3A%2F%2Fwww.splunk.com%2Fdownload%3Fr%3Dheader"")",now-1d,now,*,group:result:500,eq,"http://www.splunk.com/download?r=header",Splunk QL
    93  "city=Boston | stats count AS Count BY http_status | eval result=max(1, 3, 450, http_status)",now-1d,now,*,group:result:200,eq,450,Splunk QL
    94  "city=Boston | stats count AS Count BY http_status | eval result=min(1, 3, 450, http_status)",now-1d,now,*,group:result:200,eq,1,Splunk QL
    95  "city=Boston | stats count AS Count BY ident | eval result=split(ident,""-"")",now-1d,now,*,group:result:ae0f4f93-5789-43c9-92a2-e7d7b4cbc31e,eq,ae0f4f93&nbsp5789&nbsp43c9&nbsp92a2&nbspe7d7b4cbc31e,Splunk QL
    96  "city=Boston | stats count AS Count BY http_status | eval result=exact(3.14 * http_status)",now-1d,now,*,group:result:200,eq,628,Splunk QL
    97  "city=Boston | stats count AS Count BY http_status | eval result=exp(3)",now-1d,now,*,group:result:200,eq,20.085536923187668,Splunk QL
    98  "city=Boston | stats count AS Count BY http_status | eval result=if(like(http_status, ""4%""), ""True"", ""False"")",now-1d,now,*,group:result:400,eq,True,Splunk QL
    99  "city=Boston | stats count AS Count BY country | eval result=if(match(country, ""^Sa""), ""yes"", ""no"")",now-1d,now,*,group:result:Saudi Arabia,eq,yes,Splunk QL
   100  "city=Boston | stats count AS Count BY http_status | eval result=if(cidrmatch(""192.0.2.0/24"", ""192.0.2.5""), ""local"", ""not local"")",now-1d,now,*,group:result:200,eq,local,Splunk QL
   101  "city=Boston | stats count AS Count BY state | eval result=substr(""splendid"", 1, 3) . substr(""chunk"", -3)",now-1d,now,*,group:result:Maine,eq,splunk,Splunk QL
   102  "city=Boston | stats count AS Count BY state | eval result=tonumber(""0A4"",16)",now-1d,now,*,group:result:Maine,eq,164,Splunk QL
   103  "city=Boston | stats count AS Count BY state | eval result=tostring((2 > 1))",now-1d,now,*,group:result:Maine,eq,true,Splunk QL
   104  "city=Boston | stats count AS Count BY state | eval result=tostring(15,""hex"")",now-1d,now,*,group:result:Maine,eq,0xf,Splunk QL
   105  "city=Boston | stats count AS Count BY state | eval result=tostring(12345.6789,""commas"")",now-1d,now,*,group:result:Maine,eq,"12,345.68",Splunk QL
   106  "city=Boston | stats count AS Count BY state | eval result=tostring(615,""duration"")",now-1d,now,*,group:result:Maine,eq,00:10:15,Splunk QL
   107  "city=Boston | stats count AS Count BY weekday | rex field=weekday ""(?<first>.{3})(?<second>.*)""",now-1d,now,*,group:first:Friday,eq,Fri,Splunk QL
   108  "city=Boston | stats count AS Count BY http_status | rex field=http_status ""(?<first>\d)(?<second>\d)(?<third>\d)""",now-1d,now,*,group:third:404,eq,4,Splunk QL
   109  "city=Boston | rare country useother=true otherstr=testOther percentfield=pc countfield=ct showperc=false",now-1d,now,*,group:ct:United States of America,eq,4,Splunk QL
   110  "city=Boston | stats count AS gg BY state | top 10 state useother=true countfield=true percentfield=percent",now-1d,now,*,group:percent:Wyoming,eq,1.841085,Splunk QL
   111  "city=Boston | stats count AS Count BY http_method | rename http_method AS ""test""",now-1d,now,*,group:Count:POST,eq,184,Splunk QL
   112  "city=Boston | stats count AS Count BY http_status, http_method | eval newField=(http_status - 1000) | rename newField AS http_method",now-1d,now,*,group:http_method:400,eq,-600,Splunk QL
   113  city=Boston | stats count AS Count BY http_method | eval newField=lower(http_method) | rename new* AS start*end,now-1d,now,*,group:startFieldend:PATCH,eq,patch,Splunk QL
   114  "city=Boston | stats max(latitude), range(eval(latitude >= 0)) AS range",now-1d,now,*,group:range:*,eq,89.752,Splunk QL
   115  "* | stats count(eval(latitude < 0)) AS count, dc(eval(lower(app_name)))",now-1d,now,*,group:count:*,eq,"50,146",Splunk QL
   116  "* | stats min(eval(latitude < 0)), max(eval(latitude < 0)) AS max, range(eval(latitude < 0)) BY weekday",now-1d,now,*,group:max:Monday,eq,-0.004012,Splunk QL
   117  "app_name=""Albumis"" (Wednesday OR Tuesday)",now-1d,now,*,total,eq,2,Splunk QL
   118  "app_name=""Albumis"" (Wednesday OR Tuesday) NOT asdfjklnvwer",now-1d,now,*,total,eq,2,Splunk QL