- KNOWLEDGE BASE
- ANALYZE IN STYLE
- FUNCTIONS
-
START YOUR TRIAL
-
DEVICE INTEGRATION
-
CONNECTORS
-
DATA INGESTION
-
HUNTING WITH WORKBOOKS
-
ANALYZE IN STYLE
-
SECURITY MONITORING
-
OPERATIONS
-
MANAGE DASHBOARDS
-
MANAGE REPORTS
-
USER MANAGEMENT & ACCESS CONTROL
-
BILLING
-
MANAGING YOUR COMPONENTS
-
GETTING STARTED
-
INSTALLATION
-
SOLUTION DESIGN
-
AUTOMATION
-
TROUBLESHOOTING AND DEBUGGING
-
LICENSE MANAGEMENT
-
RELEASE NOTES
-
API
-
POLICIES
-
SECURITY BULLETINS
-
Best Practices
Not Clause
NOT is a logical operator in DQL that you can put before any conditional statement to select rows for which that statement is false.
To negate the result of any Boolean expression, you use the NOT operator. The following illustrates how to use the NOT operator:
stream=cloudtrail where sourcename='AWS-CLOUDTRAIL' and not srcip='11.71.11.11'
The above query will retrieve all the fields from stream cloudtrail where the sourcename is AWS-CLOUDTRAIL and srcip is not 11.71.11.11. The output is shown as below:
