Building search queries

Edit online

Build custom queries to get specific results so that you find information that is relevant to you. Use the query builder in Data Explorer to create STIX-compliant queries to your connected data sources.

If you configured IBM® QRadar as a data source, you can also create Ariel Query Language (AQL) queries. If you configured IBM QRadar® Next-Gen Log Management (Beta), you can also use the Kusto Query Language (KQL) to query the log management data lake. You can use both the STIX and KQL to query the Next-Gen Log Management data lake. Ariel Query Language (AQL) can query only the QRadar data sources.