NQL comparison operators

Operator

Definition

Examples

== or =

Equals

name == "abc"

name = "ABC"

name == "abc*"

name == "a?c"

!=

Not equals

name != "abc"

name != "ABC"

name != "abc*"

name != "a?c"

>

Greater than

size > 10

<

Less than

size < 10

>=

Greater or equal

size >= 10

<=

Less or equal

size <= 10

All expressions used in combination with these operators are case insensitive and support wildcard characters.

So for example the following query

devices during past 24h
| where name == "CORPSYS2022-*"

is exactly the same as

devices during past 24h
| where name == "CoRpSyS2022-*"

Last updated 4 months ago