This page is for an old version of Stroom (7.6). The latest version of Stroom is 7.8.

Searching Data

Searching the data held in Stroom using Dashboards, Queries, Views and Analytic Rules.

Data in Stroom (and in external Elastic indexes) can be searched in a number of ways:

  • Dashboard: Combines multiple query expressions, result tables and visualisations in one configurable layout.

  • Query: Executes a single search query written in StroomQL and displays the results as a table or visualisation.

  • Analytic Rule: Executes a StroomQL search query either against data as it is ingested into Stroom or on a scheduled basis.


Data Sources

Stroom has several types of data source that can be queried using Dashboards, Queries and Analytic Rules.

Dashboards

A Dashboard document is a way to combine multiple search queries, tables and visualisations in a configurable layout.

Query

A Query document defines a search query in text form using the Stroom Query Language and displays the results as a table or a visualisation.

Analytic Rules

Analytic Rules are queries that can be run against the data either as it is ingested or on a scheduled basis.

Search Extraction

The process of combining data extracted from events with the data stored in an index.

Dictionaries

Last modified February 11, 2025: Merge branch '7.5' into 7.6 (613d33f)