# Lesson 5 - Advanced Queries

## Overview

In Lesson 3 you stepped through a basic Logging Service `query` and `poll` example. You may have noticed we provided a SQL statement in the JSON payload we passed using the `query()` method. Although the Logging Service provides support for the SQL language, this support is limited to a partial implementation of the `SQL SELECT` statement and some common operators and functions.

In this lesson we'll step through a few more examples demonstrating the use of some of these SQL functions and operators.

**Step 1: Import**
First let's start by importing `LoggingService` and `Credentials`

In [1]:
from pancloud import LoggingService, Credentials

**Step 2: Instantiate**
Next we'll create our `LoggingService` instance

In [2]:
# API Gateway URL
url = 'https://apigw-stg4.us.paloaltonetworks.com'

ls = LoggingService(url=url, credentials=Credentials())

In [3]:
d = {
    "query": "SELECT * FROM panw.traffic WHERE category-of-app = 'networking' LIMIT 5",
    "startTime": 0,  # 1970
    "endTime": 1609459200,  # 2021
    "maxWaitTime": 0  # guarantees no logs in initial response
}

# Query the Logging Service
q = ls.query(json=d)

Let's take a peek at the raw json response

In [4]:
q.text

'{"queryId":"d8340081-397d-406a-ad98-c7f37b14ea35","sequenceNo":0,"queryStatus":"RUNNING","clientParameters":{},"result":{"esResult":null,"esQuery":{"table":["panw.traffic"],"query":{"aggregations":{},"query":{"term":{"{{field_0}}":"{{value_0}}"}},"size":5},"selections":[],"params":{"field_0":"category-of-app","value_0":"networking"}}}}'

Use the built-in `json()` method to convert the raw response into a python `dict` object.

In [5]:
r = q.json()

In [6]:
r

{'queryId': 'd8340081-397d-406a-ad98-c7f37b14ea35',
 'sequenceNo': 0,
 'queryStatus': 'RUNNING',
 'clientParameters': {},
 'result': {'esResult': None,
  'esQuery': {'table': ['panw.traffic'],
   'query': {'aggregations': {},
    'query': {'term': {'{{field_0}}': '{{value_0}}'}},
    'size': 5},
   'selections': [],
   'params': {'field_0': 'category-of-app', 'value_0': 'networking'}}}}