EQL Basics: An Intro to Elastic's Event Query Language

Los Angeles
Thu, Nov 17, 11:00 AM (PST)

2 RSVP'ed

About this event

EQL Basics: An Intro to Elastic's Event Query Language - Nama Illo- Education Architect at Elastic

Talk Abstract:

In this presentation, we provide an introductory overview of Elastic’s Event Query Language (EQL) which is used for searching event-based time series data, such as logs, metrics, and traces. This includes an overview of what is considered “event data” based on the Elastic Common Schema (ECS) guidelines, a reference to EQL basic syntax, and a mock scenario that helps illustrate how events can be searched within an Elasticsearch index that contains ECS categorization fields.