Then you can enrich that data with additional information like threat intelligence data, IP geolocation, WHOIS data, and LDAP/AD information. I’m able to search using the admin user with the “Search/Absolute : Message search” API feature, but I have a need to search from a stream with a user that only has privileges to that particular stream. Examples of this attribute can be "groupMembership" or "Member" How do I match more than one attribute? For example,. Here are a few examples for possible values. NET, Serilog provides diagnostic logging to files, the console, and elsewhere. #web_tls_cert_file = /path/to/graylog-web. What is important is that only Graylog interacts with the logging agents. For example, if you want to search for an artist by name specify entity=allArtist&attribute=allArtistTerm. Opsgenie acts as a dispatcher for Graylog alerts, determines the right people to notify based on on-call schedules- notifies via email, text messages (SMS), phone calls and iPhone & Android push notifications, and escalates alerts until the alert is. Graylog offers a keyword time frame selector that allows you to specify the time frame for the search in natural language like last hour or last 90 days. I am trying to apply an item template to my elasticsearch cluster, to deal with the issue of having fields with content longer than 32kb. Commit 03f9ff7c authored Feb 29, @@ -10,9 +10,82 @@ centralised installation of Graylog. Stable release and deprecation of the original graylog2/gelf-php. The only common issue I've seen online is to with timezone settings putting these events into the future, but the time on our Palo Alto Panorama sender is correct (PST) and trying an absolute time search a day into the future reveals nothing. When your dynamic IP address changes, Graylog will no longer work properly. ##Notic This is forcked version of swisnl/laravel-graylog2 i'm using it on my project Don't use me yet. For example, if an incoming message contains the field docker. If you try to set a type on an event that already has one (for example when you send an event from a shipper to an indexer) then a new input will not override the existing type. “last month” searches between one month ago and now. In addition, this user must have write access to the data and log dirs. jar file in your Graylog plugin directory. I have tried: \Qaccess denied\E But this matches all strings with "access" and "denied". 1 and refuses connection requests from other servers. I cannot find online a listing of all of the graylog "builtins" which are usable in search. Here are a few examples for possible values. and it'll keep on. Example: all. For example, I want to create an Alert, which alert me, if one ip fails to login 10 times the last 10 minutes. The search queries could be saved. What is important is that only Graylog interacts with the logging agents. You are correct that Barnyard2 is really almost dead. For example, if you search for issues using the query term 'customize' on the Summary field, Jira stems this word to its root form. The following sections describe the recommended settings for the Graylog Server Virtual Services. title:"foo bar". 0 Graylog2-web-interface: 0. Semantic Logger is a feature rich logging framework, and replacement for existing Ruby or Rails loggers. Here is an example of an Apache and server performance monitoring dashboard using the two Elasticsearch indices as data sources. because of conflicting field datatypes), Elasticsearch will throw an exception and won’t create the index. However, if graylog and mongodb servers both are located in the same server, you can just leave mongodb as it is, since mongodb listen initially only 127. Net Core Logging with Nlog and Elasticsearch by Damien Bowden […] Sagar Solanki · April 3, 2017 - 16:57 · Reply → Thank you for the post, that's cool, Can you also share the source code as an attachment?. It would be much helpful if you can share a documentation link explaining about all the fields for each API so that I can play around with available options. This post shows eight examples of great developer documentation, where the time invested yields great dividends for the app's teams. Graylog Search with strings containing / "-EndPoint:example/example$" It search for the string, making sure, it's the end of the string. Graylog2 - 3 - Logstash nagios_nsca Introduction. Using Graylog's Rest API by Anna Kennedy — on technical , graylog 14 Dec 2016 Lately I've been working on setting up a logging stack consisting of the ELG components - that is, ElasticSearch, Logstash, and Graylog. Elasticsearch stores all the logs sent by the Graylog server and displays the messages when the graylog web interface requests for full filling user request over the web interface. In this case I am using the version 5 records due to the above mention stability issues with the newer versioning. ##Notic This is forcked version of swisnl/laravel-graylog2 i'm using it on my project Don't use me yet. Here are a few examples for possible values. For example by enabling the creation of content in multiple languages and the distribution of those based on behavioural targeting or user segmentation. Configure Web host to send apache logs to Graylog server. We can even tell Graylog to ignore all un-named captures when creating an extractor. The -ExclusionPath will need to be changed to what you configured in SQL on install. I tried to pass regex with field:/regex query/ but found that in some cases ES doesn't handle it well. Do you want to use Graylog HTTP alerts? Graylog alert (>= 3. rpm CENTOS 6 yum install libdbi. Example search: source:myapp AND Exception, timeframe: Last 24 hours. Splunk Cloud - Easy and fast way to analyze valuable machine data with the convenience of software as a service (SaaS). This is an example NetFlow message in. For example: we use it on our Windows Server (FileServer) for collecting security logs (Security audit for files - who deleted it, what file etc. Graylog is log management and analysis software based on Elasticsearch and mongoDB. service Henüz ayarlamalar bitmiş durumda değil. com provides a central repository where the community can come together to discover and share dashboards. 0 Graylog2-web-interface: 0. Provide details and share your research! But avoid …. In no time, you can have a dashboard up and running. because of conflicting field datatypes), Elasticsearch will throw an exception and won’t create the index. Parses a payload containing JSON in the Graylog2 Extended Format specficiation. Welcome to the Graylog documentation¶. Graylog is a Java server that uses Elastic Search to store log entries. In Graylog, set up a UDP syslog input at the port and network interface you configured in rsyslog earlier and confirm that messages are arriving. Commit 03f9ff7c authored Feb 29, @@ -10,9 +10,82 @@ centralised installation of Graylog. GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. Hej, I'm trying to query graylog for any message not containing something that would match the regex pattern: (\\w+-)*\\d+ For example: some-article-x-12397 But normal regex seems not to be. For easy start, there is a dropdown with predefined searches in the top-right corner of the Graylog interface. Here are a few examples for possible values. Using Graylog's Rest API by Anna Kennedy — on technical , graylog 14 Dec 2016 Lately I've been working on setting up a logging stack consisting of the ELG components - that is, ElasticSearch, Logstash, and Graylog. The charm installs Graylog using the snap package. Graylog is an integrated log capture and analysis solution for operational intelligence. Investigate: tools and techniques. Graylog offers a keyword time frame selector that allows you to specify the time frame for the search in natural language like last hour or last 90 days. in addition to the basic search functionality on all of your sources, you can search the logs of a specific host, or in a specific time frame. Malware name example. Function Prototype: First we have to select the alert type Delorean. You can take a look into the attributes file under attributes/default. Support for that is currently not implemented in Graylog. Graylog ımplementation for ASP. This makes it possible to send log data from multiple Tyk processes to a Sentry server in order to monitor the context around HTTP errors and other notifications created by Tyk. Yet when I click into the Stream (or search --> tags:"Palo Alto") there are no events to be found. Graylog Extractors are used to extract fields, that can be used in queries in Graylog, from the log stream. This guide will take you through how to install Redmine with Apache and MariaDB on CentOS 8. How to go about Trisul scripting. However, Graylog comes with alerting built into the open source version, as well as several other notable features like streaming, message rewriting, and geolocation. Then you can enrich that data with additional information like threat intelligence data, IP geolocation, WHOIS data, and LDAP/AD information. Centralize and aggregate all your log files for 100% visibility. It also provides a query language to search through log data. There is nothing wrong with the log line. SearchResponse class represents the result that is being returned to the web interface (or other callers of the REST API). If you want to search for specific messages (i. For examples, you could enable ICMP IDS rules and ping a host you are monitoring with Snort to trigger an alert to arrive in Graylog. Graylog needs to know the address of at least one other Elasticsearch node given in the elasticsearch_hosts setting. jar file in your Graylog plugin directory. We can use it to search in all log files of a server when using it together with Graylog. Lucene has a custom query syntax for querying its indexes. Image by Brian Tomlinson on flickr. Of course, you could hook in any other data source that is supported by Grafana to create a more comprehensive dashboard:. It does this by using mongodb as its backend and providing a web interface. Elasticsearch 2. The following are top voted examples for showing how to use org. In this article I'll be providing a basic walkthrough of how to setup an Arm64/Aarch64 device such as the Rock64 as a secure Wifi AP with Pi-Hole DNS and an IDS. Lucene Query Syntax. Tyk’s logger supports multiple back-ends, the one that currently ships with Tyk is the Sentry hook. Following are a couple of examples on search queries:. This means that searches on them do not mean equals [search term] but contains [search term]. 1 as the public IP address of the server and graylog. Lucene supports fuzzy searches based on the Levenshtein Distance, or Edit Distance algorithm. Hey @Radhakrishnan, this looks like an easy fix. It's a fast, scalable, and relevant search bar for your everyday work life. Search for word "foo" in the title field. I'm trying out Graylog for system logs and Snort alerts. According to the Graylog Searching documentation, Graylog is close to Lucene. Here are a few examples for possible values. "last month" searches between one month ago. For more in depth information read the official introduction on osdxp. Yet when I click into the Stream (or search --> tags:"Palo Alto") there are no events to be found. step to configure graylog dashboard. To create a new Graylog Dashboard, do the following: Go to the Dashboards section and click Create dashboard to create a new dashboard called EJBCA stats. Right around the time that Logan was having an inside-out encounter with his breakfast in the university lab, two people were washing up after having a bit of Vietnamese tea across town in the Nob Hill district. Currently I am unsure if the PUT/POST actions work Due to issues with Graylog2 documentation, I cannot test that any of the methods that use post/put actions will work, so lets assume for now that they do not. NOTE: There are multiple options for reading this documentation. 2, and Cacti 0. Conclusion. 0_65, whereis java gives me lot of path, but if I try to navigate to check there, I can see only skyblue colored java files at /usr/bin/java, and if I'm not wrong its a softlink. And this is where Graylog comes in. GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. crt # The PKCS#8 private key file in PEM format to use for securing the web interface. Please click the following link and then click on Bible to see a glimpse of what our website will look like. In this tutorial, I will guide you trough the Graylog2, Elasticsearch and MongoDB installation to build a scalable log server node with advanced log search capabilities. The MySQL is the choice because of the Cacti. Graylog is a fully integrated open source log management platform for collecting, indexing, and analyzing both structured and unstructured data from almost any source. If you are using a shared Elasticsearch setup, a problem with indices unrelated to Graylog might turn the cluster status to YELLOW or RED and impact the availability and performance of your Graylog setup. Given a date expression, natty will apply standard language recognition and translation techniques to produce a list of corresponding dates with optional parse and syntax information. Graylog offers a keyword time frame selector that allows you to specify the time frame for the search in natural language like last hour or last 90 days. Then you can enrich that data with additional information like threat intelligence data, IP geolocation, WHOIS data, and LDAP/AD information. 1 with your Vultr public IP address and graylog. I gave a try on our GL and it works fine picking up. Use of Graylog makes it easy to to extract data from any text in the received message to message fields. This only happens on the analyzed message and full_message in Graylog. Here are some query examples demonstrating the query syntax. Parses a payload containing JSON in the Graylog2 Extended Format specficiation. service Henüz ayarlamalar bitmiş durumda değil. For example, if an incoming message contains the field docker. The searching function of Graylog2 should be able to search string using wildcard search But in my case (Graylog2. → Read More: Graylog Query by IP Address with. The most important setting to make a successful connection is a list of comma-separated URIs to one or more Elasticsearch nodes. I gave a try on our GL and it works fine picking up. There is only one issue in your setup: You are collecting the logs but you are not processing it. In this parameter, wildcard expressions match only open, concrete indices. Detailed view of log message in Graylog 3. It also allows advanced custom search in the logs using structured queries. com provides a central repository where the community can come together to discover and share dashboards. Use of Graylog makes it easy to to extract data from any text in the received message to message fields. We strongly recommend to use a dedicated Elasticsearch cluster for your Graylog setup. Configure Web host to send apache logs to Graylog server. We can search for terms that are similar to, but not exactly like our search terms, using the " fuzzy " operator: quikc~ brwn~ foks~ This uses the Damerau-Levenshtein distance to find all terms with a maximum of two changes, where a change is the insertion, deletion or substitution of a single character, or transposition of two adjacent. Usage juju deploy cs:~graylog-charmers/graylog juju run-action --wait graylog/X show-admin-password. (5 replies) Our logging model is as follows. Our web servers and db servers use nxlog and write their logs directly to graylog's GELF input Other servers use rsyslog and log to logstash on graylog server, which dumps everything into the elasticsearch cluster. 6 does not yet support Elasticsearch 6. The -ExclusionPath will need to be changed to what you configured in SQL on install. x Standard / by Mr-Moo / May 22, 2017 / No Comments I found it odd I wasn’t able to locate standard node information from the Graylog dashboard under ‘System/Nodes’. Conclusion. In this case we will send 2 notifications: from Graylog using Streams and commands plugin. Graylog requires MongoDB to run and Elasticsearch to be useful. We deliver a better user experience by making analysis ridiculously fast, efficient, cost-effective, and flexible. I have a Graylog server running on a Centos 7 machine. REST API for integration into other parts of your IT Infrastructure. A Vultr Ubuntu 16. Published on 2016-11-04 and maintained on Github. 3 Create the Graylog Server Virtual Services. An "input" is where Graylog will get your logs. Do you want to use Graylog HTTP alerts? Graylog alert (>= 3. For easy start, there is a dropdown with predefined searches in the top-right corner of the Graylog interface. Upgrade Graylog 2. Graylog supports advertising its web and api ports to an application acting as a reverseproxy using the http relation. Graylog needs to know the address of at least one other Elasticsearch node given in the elasticsearch_hosts setting. A Vultr CentOS 7 server instance with at least 4GB RAM. It is meant to be a perfect companion for example when performing a release on the main monitor and having the dashboard on the second monitor to keep an eye on errors and exceptions on your platform. Please also take note that only a single alert is raised for this condition during the alerting interval, although. The new Regex does test OK when I select a message from the search tab and then select "Test against stream". The following provides examples of search result information that you can add to your dashboard. Graylog offers a keyword time frame selector that allows you to specify the time frame for the search in natural language like last hour or last 90 days. Usage juju deploy cs:~graylog-charmers/graylog juju run-action --wait graylog/X show-admin-password. Anyway you do it, Graylog dumps all the messages into a big bin from which you can filter them. Graylog supports plugins to extend functionality for things like SNMP traps, telemetry collection, and solar flares. Welcome to the Graylog documentation¶. In this tutorial, we will use 192. hubot-graylog-adapter. share | improve this answer. Example of a Global Kafka Dashboard for DC/OS 1. field_list_limit=100 # Use this to run Graylog with a path prefix #application. Graylog does a good job of abstracting away a fair portion of Elasticsearch index management (sharding, creation, deletion, rotation, etc). To configure a dynamic cluster set the following attributes: Elasticsearch discovery. I will use Ubuntu 15. Lucene has a custom query syntax for querying its indexes. Full Graylog2 server configuration in CentOS 7 with Elasticsearch Configuration Remote host with rsyslog Configure dashboard for log management Configure email alert using Stream & Aleart. In this example I’m using Graylog which is an open source logging platform and although any syslog server would work, one of the problems with syslogs is there is little uniformity when you have different systems sending these logs. Choose System > Content Packs, Content Packs site opens. Here is an example of an Apache and server performance monitoring dashboard using the two Elasticsearch indices as data sources. In addition to the basic search functionality on all of your sources, you can search the logs of a specific host, or in a specific time frame. The Graylog CLI dashboard. Note that you'll need to update the GRAYLOG_UNIT_IP in the template below to match the IP of your graylog/X unit. 一体化方案,安装方便,不像ELK有3个独立系统间的集成问题。 2. Search for word "foo" in the title field. Following are a couple of examples on search queries:. In this case I am using the version 5 records due to the above mention stability issues with the newer versioning. Our website is currently not finished which is why you are not able to read your purchase online just yet. Graylog Search with strings containing / "-EndPoint:example/example$" It search for the string, making sure, it's the end of the string. Turnkey GNU/Linux is a free Debian based library of system images that pre-integrates and polishes the best free software components into secure, easy to use solutions. Marketers strive to personalize emails in the quest for relevance. Search for word "foo" in the title field. Only metadata is stored, such as the user information or stream configuration; Graylog uses Elasticsearch to store the logged data, as we know Elasticsearch is a powerful search engine. Given a date expression, natty will apply standard language recognition and translation techniques to produce a list of corresponding dates with optional parse and syntax information. Use of Graylog makes it easy to to extract data from any text in the received message to message fields. Global # Global timeout for communication with Graylog server nodes; default: 5s #timeout. Now your should see traffic in your graylog input. Support for flexible alert rule conditions As a system administrator I would like to be able to combine the 3 different alert conditions using flexible AND / OR rules. 0 GA release was in November 2017 and at the time of this blog, the most recent version of Graylog 2. I am trying to apply an item template to my elasticsearch cluster, to deal with the issue of having fields with content longer than 32kb. #web_tls_key_file. Welcome to the Graylog documentation¶. First, we're running Graylog 1. See link to the lower left. x Standard / by Mr-Moo / May 22, 2017 / No Comments I found it odd I wasn’t able to locate standard node information from the Graylog dashboard under ‘System/Nodes’. Example for new search fields (btw. Now open Meraki dashboard and choose correct network. Download the plugin and place the. It stores the messages on ElasticSearch, which makes the quick search possible on archives. Graylog offers a keyword time frame selector that allows you to specify the time frame for the search in natural language like last hour or last 90 days. Log files are also what applications create somewhere on the file system into which they write status messages or full stack traces. Login to create quizzes If you are not registered user register here to login. Log management with Graylog2 - FrOSCon 2012 1. Graylog security information and event management combines real-time monitoring and immediate notification of rule violations with long-term archiving for analysis and reporting. In order for Log4j 2. 8 Date: Dec 7, 2015 Overview Before investing to commercial monitoring software, I decided to use open source product and final choice is Icinga for monitoring, Graylog for log collection, and Cacti for graph. On the test, I will install Graylog on Ubuntu Server 18. Graylog manages the storage in Elastic Search, the dashboards and user. com as the domain name pointed to the server. There is no Kibana to install. Graylog Configuration Diagram: Graylog Setup. If that's true, then the third search (with !=) would have no field 'Type' against which to evaluate = or even !=. One such example log4j. In addition to the basic search functionality on all of your sources, you can search the logs of a specific host, or in a specific time frame. ” All graylog deployments will have the same basic features: Graylog server, Web interface, Elasticsearch, MongoDB. What is important is that only Graylog interacts with the logging agents. 0_65, whereis java gives me lot of path, but if I try to navigate to check there, I can see only skyblue colored java files at /usr/bin/java, and if I'm not wrong its a softlink. Go to Search and create some searches for your dashboard. Graylog vs Splunk: Which is better? We compared these products and thousands more to help professionals like you find the perfect solution for your business. 2, and Cacti 0. I've found that when using the REST API for Search, it requires Admin authorization and I'm curious as to why. graylog server borken after yum update My centos server has graylog installed and it was running until I applied patches with yum update. In this article I'll be providing a basic walkthrough of how to setup an Arm64/Aarch64 device such as the Rock64 as a secure Wifi AP with Pi-Hole DNS and an IDS. They are for example used in the # search result sidebar or for autocompletion of field names. com with your actual domain name. Table of Contents 1 - Java REST client example 1 2 - Java REST client example 2a 3 - Java REST client example 2b 4 - Java REST clients using the Apache HttpClient library In this article I share some source code for some simple Java REST clients that use the Apache HttpClient project. Usage juju deploy cs:~graylog-charmers/graylog juju run-action --wait graylog/X show-admin-password. React has a vibrant and growing ecosystem and is used widely in production in a variety of combinations with different frameworks. Our web servers and db servers use nxlog and write their logs directly to graylog's GELF input Other servers use rsyslog and log to logstash on graylog server, which dumps everything into the elasticsearch cluster. Linux has long mastered the art of log forwarding and remote logging, which are prerequisites for external log analysis. Build up-to-date documentation for the web, print, and offline use on every version control push automatically. Lucene has a custom query syntax for querying its indexes. Another pattern, included in Graylog’s base patterns, is %{DATESTAMP} which is defined as %{DATE}[- ]%{TIME} , which is a concatenation between a regular expression and two Grok patterns. 4 Upgrading graylog 2. It implements the Psr\Log\LoggerInterface interface, so use it as a standard logger. This page helps you select the correct script type for a specific task you are trying to accomplish. Kibana 4 is an analytics and visualization platform that builds on Elasticsearch to give you a better understanding of your data. For large volumes of log data in a big production setup, you might want to deploy a Graylog Cluster. Graylog does a good job of abstracting away a fair portion of Elasticsearch index management (sharding, creation, deletion, rotation, etc). The only common issue I've seen online is to with timezone settings putting these events into the future, but the time on our Palo Alto Panorama sender is correct (PST) and trying an absolute time search a day into the future reveals nothing. The new Regex does test OK when I select a message from the search tab and then select "Test against stream". Config: type (string, optional. It’s important to set correct security rules. # The URI will be published in the cluster discovery APIs, so that other Graylog nodes will be able to find and connect to this Graylog node. GiacomoFurlan\Graylog\GELFLogger. com as the domain name pointed to the server. There is an AWS EC2 image for a full graylog install with the documentation for this. json with notepad++ and replace the source with the source name of my fortigate and modify the UDP port if different. Perhaps there are additional differences between CentOS and Ubuntu, with respect to Graylog config files. In this tutorial, we will use 192. Graylog is an open source project that is able to ingest logs from a wide variety of sources and provides very useful visualisation, processing and alerting capabilities. It also relies on MongoDB, to store metadata (Graylog users, permissions, dashboards, etc). org We analyzed Graylog. Alert time frame can be set to only search a specific time in the past, as well as how often to perform the searches. Setting up a centralised log server using Graylog on Ubuntu 16. Graylog keeps metadata in MongoDB as to which index contains which timeframe of logs so that when a search is made, it only searches the Elasticsearch indexes that contain the data. Of course, you could hook in any other data source that is supported by Grafana to create a more comprehensive dashboard:. Node discovery. NET platforms. I cannot find online a listing of all of the graylog “builtins” which are usable in search. CENTOS 5 wget http://centreon/f/filebeat5. Hi Jochen, Thanks a lot. For example, you can search across all Windows servers for a particular event ID. Examples of this attribute can be "groupMembership" or "Member" How do I match more than one attribute? For example,. Referral issues can be detected by warnings in the server logs about group mapping failing, for example:. Ask Question. Since Graylog Version 2. Here are a few examples for possible values. Today let’s examine Graylog – an open source log management tool. For example by enabling the creation of content in multiple languages and the distribution of those based on behavioural targeting or user segmentation. In Elasticsearch, an index is similar to a database in the world of relational databases. Graylog(GraylogSinkOptions) taken from open source projects. Yes, after removing the extra space it worked. A good example of this is Elasticsearch 6. Graylog2 is an open source software to manage your logs and get the most out of them. Typically, you would browse through the data and explore. This is useful when generating custom data lookup's or meta event messages based off of previously collected data. For instance search for all vpn clients last month and generating a new message stating that a user from last month has or has not. In Graylog, set up a UDP syslog input at the port and network interface you configured in rsyslog earlier and confirm that messages are arriving. Setting up a centralised log server using Graylog on Ubuntu 16. 2medium sized instance. By default, Graylog creates an index mapping which will instruct Elasticsearch to analyze the “message”, “full_message”, and “source” fields. You may configure with a dynamic IP address as a test, but the IP will be used in a number of configuration files. Following are a couple of examples on search queries:. The GrayLog Stream Lookup (SLookup) Pipeline Processor function. Function Prototype: First we have to select the alert type Delorean. #web_tls_key_file. This post shows eight examples of great developer documentation, where the time invested yields great dividends for the app's teams. GitHub is home to over 40 million developers working together to host and review code, manage projects, and build software together. Elasticsearch is one of the main components which requires Graylog to run, acts as a search server, offers a real-time distributed search and analytics with the RESTful web interface. It is easy to set up, has a clean API, and is portable between recent. 루센기반의 분산검색서버인 Elasticsearch와 MongoDB를 기반으로 로그를 분석하는 프레임워크이다. Parses a payload containing JSON in the Graylog2 Extended Format specficiation. In this post we recap the week’s most interesting influxQL query examples, InfluxDB and TICK-stack related issues, workarounds, how-tos and Q&A from GitHub, IRC and the InfluxDB Google Group that you might have missed. What is important is that only Graylog interacts with the logging agents. Assuming that you are using Two Input Streams ru. (currently I am referring to swagger). #web_enable_tls = true # The X. The MySQL is the choice because of the Cacti. In this guide, we are going to go over how to create squid logs extractors on Graylog server. Lucene supports fuzzy searches based on the Levenshtein Distance, or Edit Distance algorithm. Example: all. We can run a query as below.