fields
Description
It filters the output fields.
Syntax
fields <filter-options> <field-list>
Required Arguments
| Parameter | Syntax | Description |
|---|---|---|
<field-list> | <field> [, <field>] | List of fields for filtering. Supports wildcard. |
Optional Arguments
| Parameter | Syntax | Default | Description |
|---|---|---|---|
<filter-options> | (+|-) | + | + indicates that the listed fields should remain, - indicates that the listed fields should be removed from the result. |
tip
The + indicator can be omitted.
Example Queries
Example №1
source radius_logs
| fields event.code, host.hostname
Example №2
source radius_logs
| fields - event.code