AdtAdmin.exe /SetQuery
Updated: May 13, 2016
Applies To: System Center 2012 R2 Operations Manager, System Center 2012 - Operations Manager, System Center 2012 SP1 - Operations Manager
An ACS collector can use Windows Management Instrumentation (WMI) Query Language (WQL) queries as filters to limit the events that are stored in the ACS database. The /SetQuery parameter implements the filter before events are saved to the ACS database. For more information on WQL and WQL queries, see Querying with WQL.
Note
Because ACS supports only event queries, it does not support WQL aggregation operators.
Syntax
AdtAdmin.exe /SetQuery [/Collector:CollectorName] /Query:QuerySyntax
Subparameter |
Definition |
|---|---|
/Collector:CollectorName |
Specifies an ACS collector to query. If this subparameter is omitted, the local ACS collector is assumed. |
/Query:QuerySyntax |
Specifies the query syntax that defines the filter to apply. |
Example
This example uses the /SetQuery parameter to define a WQL query that filters out specified events. When applied, this query filters out events generated by System, Local Service, and Network Service services, and it also filters events that have specified event ID numbers.
adtadmin /setquery /collector:"Collector Name" /query:"SELECT * FROM AdtsEvent WHERE NOT ((HeaderUser='SYSTEM' OR HeaderUser='LOCAL SERVICE' OR HeaderUser='NETWORK SERVICE') OR (EventId=538 OR EventId=566 OR EventId=672 OR EventId=680 OR (EventId>=541 AND EventId<=547))"
See Also
Audit Collection Services Administration (AdtAdmin.exe)
AdtAdmin.exe /AddGroup
AdtAdmin.exe /DelGroup
AdtAdmin.exe /Disconnect
AdtAdmin.exe /GetDBAuth
AdtAdmin.exe /GetQuery
AdtAdmin.exe /ListForwarders
AdtAdmin.exe /ListGroups
AdtAdmin.exe /SetDBAuth
AdtAdmin.exe /Stats
AdtAdmin.exe /UpdForwarder
AdtAdmin.exe /UpdGroup