Axoflow reference

• 1: AQL operator reference
• 2: Manual pages
• 2.1: axorouter-ctl

1 - AQL operator reference

AQL Query search supports the following comparison operators.

Case insensitive:

• Equals (=): the whole value equals to the pattern
• Not equals (!=): the value isn’t exactly equal to the whole pattern
• Contains (=*): the value contains the given pattern
• Doesn’t contain (!*): the value doesn’t contain the given pattern
• Matches (=~): the pattern as a regular expression matches the value
• Doesn’t match (!~): the case-insensitive regular expression doesn’t match

The comparison operators have their corresponding case sensitive (strict) versions:

• Equals (==)
• Not equals (!==)
• Contains (==*)
• Doesn’t contain (!=*)
• Matches: (==~)
• Doesn’t match (!=~)

The syntax of the regular expressions accepted is the same general syntax used by Perl, Python, and other languages. The regular expressions are evaluated in case-insensitive mode in case of the =~ and !~ operators. The patterns are not anchored to the whole string, but you can use ^ at the beginning of the pattern and $ at its end to match the whole value.

You can create complex queries using the AND and OR logic operators and parentheses, for example, ( host_name =* azure AND host_label_team = network ) OR ( host_name =* app AND host_label_app =* windows )

Escaping rules

Enclose the field names and values in single-quotes ('), double-quotes ("), or \` if it contains characters not on this list: @, a-z, 0-9, ._- If all three quote types occur, enclose with single-quotes and escape single-quotes as \\'.

You can escape backslashes as \\\\.

2 - Manual pages

2.1 - axorouter-ctl

Name

axorouter-ctl — Utility to control and troubleshoot AxoRouter

Synopsis

axorouter-ctl [command] [options]

Description

The axorouter-ctl application is a utility that is needed mainly for troubleshooting. For example, it can be used to:

• enable/disable troubleshooting messages
• display statistics about the processed messages
• display version information of AxoRouter.

Control syslog container

Usage: axorouter-ctl control syslog <command> <options>

This command allows you to access and control the syslog container of AxoRouter. Essentially, it’s a wrapper for the syslog-ng-ctl command of AxoSyslog. Usually, you don’t have to use this command unless our support team instructs you to.

For example:

• Enable debug messages for troubleshooting: axorouter-ctl control syslog log-level verbose
• Display the current configuration: axorouter-ctl control syslog config --preprocessed
• Reload the configuration: axorouter-ctl control syslog reload

For details, see the AxoSyslog documentation.

Show logs

Usage: axorouter-ctl logs <target> <journalctl-options>

Displays the logs of the target container: syslog or wec. WEC logs are available only if the AxoRouter host has a ;Windows Event Collector (WEC) connector configured.

The axorouter-ctl logs command is a wrapper for the journalctl command, so you can add regular journalctl options to the command. For example, -n 50 to show the 50 most recent lines: axorouter-ctl logs syslog -n 50

Prune images

Usage: axorouter-ctl prune

Removes all unused images from the local store, similarly to podman-image-prune.

Pull images

Usage: axorouter-ctl pull

Download images needed for AxoRouter. This is usually not needed unless you have a custom environment, for example, proxy settings or pull credentials that aren’t available when the AxoRouter container is run.

Shell access to AxoRouter

Usage: axorouter-ctl shell wec

Open a shell into the target container (syslog or wec). Usually needed only for troubleshooting purposes, when requested by our support team.

Statistics and metrics

Usage: axorouter-ctl stats syslog <legacy|prometheus>

Display the statistics and metrics of the syslog container in Prometheus or legacy format, from the underlying AxoSyslog process. For details, see the AxoSyslog documentation.

Version

Usage: axorouter-ctl version

Show the version numbers of the underlying AxoSyslog build, for example:

0.58.0
axosyslog 4 (4.11.0)
Config version: 4.2
Installer-Version: 4.11.0