Data Sources
Stroom has multiple different types of data sources that can be queried by Stroom using Dashboards, Queries and Analytic Rules.
Searching Data
Searching the data held in Stroom using Dashboards, Queries, Views and Analytic Rules.
Data in stroom (and in external Elastic indexes) can be searched using a number of ways:
-
Dashboard Combines multiple query expressions, result tables and visualisations in one configurable layout.
-
Query Executes a single search query written in StroomQL and displays the results as a table or visualisation.
-
Analytic Rule Executes a StroomQL search query either against data as it is ingested into Stroom or on a scheduled basis.
Dashboards
A Dashboard document is a way to combine multiple search queries, tables and visualisations in a configurable layout.
Query
A Query document defines a search query in text form using the Stroom Query Language and displays the results as a table or a visualisation.
Analytic Rules
Analytic Rules are queries that can be run against the data either as it is ingested or on a scheduled basis.
Search Extraction
The process of combining data extracted from events with the data stored in an index.
Last modified September 3, 2024: Merge branch '7.3' into 7.4 (5c464f0)