Hi everyone!
does anyone know if it makes any difference how you order the search parameters in a search query?
example:
event_id=1234 event_channel="Security"
vs.
event_channel="Security" event_id=1234
Page 1 / 1
Hi Markus
From my experience it does make a difference as to performance how you structure your queries.
I always consider the approach like
repos (preferably using repo selector and not ‘repo_name=xxx’
device_name
event_channel
event_id
Hi Markus!
I just wanted to ask the exact same question.
For me this is a possible performance improvement for LogPoint: To consider the parts of the query independently and re-order them in the fastest way. If I--for example--do a very time-consuming search for a feature in the raw log and afterwards filter out easily distinguishable fields as the repo (as Hans Henrik suggested), there could be a large difference. I am considering to insert this as an idea for improvement.
Best regards
Reply
Sign up
Already have an account? Login
Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.
LOGIN AS PARTNER OR CUSTOMER Login with LinkedInLogin to the community
Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.
LOGIN AS PARTNER OR CUSTOMER Login with LinkedInEnter your E-mail address. We'll send you an e-mail with instructions to reset your password.