1. Monitoring and Diagnostics Guide
  2. Querying Log Files After a Particular Time

Querying Log Files After a Particular Time

Use the following procedure to search log files created after a specific time. For other options of the Log File Analyzer (LFA) query command, see Creating and Saving LFA Queries.

To query events logged after a certain time

  • Enter:

    query query_name where time from "YYYY-MM-DD HH:MM:SS"

    where:

    • query_name is the query command output stored in memory under this name.

    • "YYYY-MM-DD HH:MM:SS" is the date and time of interest.

    Note: The exact time portion of the date and time parameter, HH:MM:SS, can be omitted. In this case, the date’s base time defaults to 00:00:00.

An example of this query command is as follows:

query timeqry where time from "2017-05-01 16:30:00"

This command queries log files created after May 1, 2017 at 4:30 PM, and saves the output to memory under the name timeqry.

This command is useful in combination with other parameters to filter results. For more information, see Querying Log Files Using Multiple Conditions.