Microsoft Operations Management Suite (Oms) - Log Search Cheat Sheet

ADVERTISEMENT

MICROSOFT OPERATIONS MANAGEMENT SUITE (OMS) – LOG SEARCH CHEAT SHEET
SOURCE (REQUIRED)
OPERATOR
FIELD
TIME
„PIPE“
SORT
SELECT
AGGREGATE
Syntax:
Use one or more:
Syntax:
Syntax:
Syntax:
Syntax:
Syntax:
Syntax (Case Sensitive):
Literal strings, keywords e.g.
AND
NOW
SORT
TOP
MEASURE
WHERE
Field=Value or
OR
YEAR(S)
[ASC/DESC]
LIMIT
*,
error, warning, fail, ID4323, system
Field:Value
NOT
MONTH(S)
SKIP
Functions:
Example:
Field > Value or >=,<,<=
DAY(S)
SELECT
COUNT()
WHERE [Expression] >1
by Type field use = or : / solution (not complete list):
Field:[from..to]
HOUR(S)
MAX(Field)
Type=Event
MINUTE(S)
MIN(Field)
Time:
Type=PerfHourly
Example:
SECOND(S)
SUM(Field)
INTERVAL 1HOUR
Type=Alert
EventLog:”System”
MILLISECOND(S)
AVG(Field)
STDDEV(Field)
Notes:
INTERVAL
• Use * to return all available data
Alias:
• Wildcarding Type=*SQL* finds all records
Example:
AS
containing “SQL”
NOW-3HOURS
[Expression]
• Literal string “Windows Server” returns only
MONTH+4DAYS
results containing “Windows Server”
INTERVAL 1DAY
Group:
• Records on a specific point in time
[by Field]
TimeGenerated:2016-10-01T12:20
Time formats:
 yyyy-mm-ddThh:mm:ss.dddZ
DEDUP/EXTEND
FUNCTIONS
 yyyy-mm-ddThh:mm:ss.ddd
Syntax:
 yyyy-mm-ddThh:mm:ss
IN
 yyyy-mm-ddThh:mm:ss
Syntax:
Syntax:
 yyyy-mm-ddThh:mm
DEDUP
abs(x)
exp(x)
product(x,y,..)
Example:
 yyyy-mm-dd
EXTEND
acos(x)
floor(x)
recip()
Type=Event EventID IN
and()
hypo(x,y)
rad(x)
{4634,1201}
RegEx Syntax:
Example:
asin(x)
if()
rint(x)
Example:
Type=Event | DEDUP
atan(x)
linear()
sin(x)
EventID
atan2(x,y)
In(x)
sinh(x)
Computer=RegEx("server..@")
cbrt(x)
log(x)
scale()
Computer=RegEx("server...domain.com")
Type=Perf
ceil(x)
map()
sqrt()
CounterName="Private
cos(x)
max(x,y,..)
strdist()
@
Any string of characters
Bytes" | EXTEND
cosh(x)
min(x,y,..)
sub(x,y)
.
Any single character
div(CounterValue,1024)
def()
mod(x,y)
sum(x,y,..)
a?
Zero or one occurance
AS KBs
deg(x)
ms()
termfreq()
div(x,y)
not()
tan(x)
a*
Zero or more occurances
dist()
or()
tanh(x)
a+
One or more occurances
exists()
pow(x,y)
[abc]
Match any character in brackets
[^abc]
None of the characters in brackets
[a-z]
Match any single character in the brackets
[^a-z]
None of the characters in the range
[n-m]
Match a range of numeric characters
Version 2.0

ADVERTISEMENT

00 votes

Related Articles

Top 20 Happy Easter Cards And Gift Tags To Download For Free
Top Ten Easter Arts And Crafts Activities For Your Kids
Free Easter Coloring Pages And Easter Printables For Your Kids

Related forms

Managing In The Digital Era Cheat Sheet Managing In The Digital Era Cheat Sheet Education
Outlook Search Cheat Sheet Outlook Search Cheat Sheet Education
Gmail Search Cheat Sheet Gmail Search Cheat Sheet Education
Microsoft Access 2003 Cheat Sheet Microsoft Access 2003 Cheat Sheet Education
Microsoft Access 2013 Cheat Sheet Microsoft Access 2013 Cheat Sheet Education
Microsoft Dynamics Crm 2013 Client Api Cheat Sheet V1.1 Microsoft Dynamics Crm 2013 Client Api Cheat Sheet V1.1 Education
Microsoft Dynamics Gp Cheat Sheet Microsoft Dynamics Gp Cheat Sheet Education
Operations Manager Job Description Operations Manager Job Description Business
Operations Manager Operations Manager Business
Cheat Sheet - Subnetting Cheat Sheet - Subnetting Education

Related Categories

Parent category: Education
Download
Go
Page of 2