Saved queries are listed in the Queries list and can be run again and again against different databases.
Query Option |
Description | |
Name |
The name you want to use to refer to this query. The query name appears in the Queries list and in the query results title.
| |
Select Field |
Allows you to limit your query to specific event fields. To query all event fields, select All. To select multiple fields:
| |
Query Builder |
If you are unfamiliar with the SQL query language, you can use the Query Builder to help you define basic saved queries. The Query Builder simplifies the process of creating a query by allowing you to choose from lists of predefined parameters. The Query Builder then constructs the query statement from the parameters you select.
| |
|
Event Field |
The event field you want to query. For more information on the event fields, see Event Structure.
|
|
Condition |
The condition under which the logging server applies the Value to the Event Field. Depending on the Event Field, you can select the following conditions from the drop-down list box:
|
|
Value |
The value for the designated event field. The query statement applies the Value to the designated Event Field under the defined conditions. If an event matches the criteria, it is returned in the query results.
|
|
Operator |
To narrow the query results, you can define values for multiple event fields. Using standard And, Or, and End operators, you can define multiple event conditions. The conditions are accumulative; that is, the logging server applies the first, then the second, then the third, etc., to progressively narrow the results.
|
|
Arrows
|
The down-arrow moves the query in the Query Builder into the Query SQL Statement window. iManager builds an SQL query statement from the parameters you defined in the Query Builder. The up-arrow moves an SQL query statement from the Query SQL Statement window to the Query Builder. If the query statement includes clauses that are outside the scope of the Query Builder, iManager returns the error SQL statement is too complex to use builder.
|
Query SQL Statement |
Allows you to write a query statement. Queries are defined using the SQL query language. For basic information on building SQL queries, see the Novell® Audit Administration Guide. You do not need to include a FROM clause in your query statement. iManager dynamically builds the FROM clause using the table specified in the database definition you select when you run the query. However, if the query statement does include a FROM clause, iManager queries the table defined in the query statement. The following macros can be used in the SQL Statement:
| |
Translate column titles |
Select Translate Column Titles if you want Novell Audit Report to label the column headings with the field titles defined in the log schema. We recommend that you only select this option for queries that return one type of event. If you select this option for queries that return multiple types of events, Novell Audit Report labels the column headings with the field titles from the last event returned in the query. IMPORTANT: In order for this option to work, you must import each application's log schema. For information, see Product Events.
|
A trademark symbol (®, , etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.