Generating an SQL query using KUMA SQL functions

KUMA's SQL functions allow using the attributes of assets and accounts in search queries to filter events, generate reports and widgets (graph type: Table). You can enrich events with data from dictionaries, tables, assets, and accounts using the following sets of functions:

• The enrich function set. Allows enriching query results with fields of the asset or account, values from a dictionary of the Dictionary type or a dictionary of the Table type. The enrich function set includes the following functions:
  • enrich_assets
  • enrich_accounts
  • enrich_table
  • enrich_dictionary
• The lookup function set. Allows adding conditions for assets and accounts to the search query. The lookup function set includes the following functions:
  • lookup_assets
  • lookup_accounts
  • lookup_assets_category

The maximum number of events per query is 10,000.

Page top