View all questions & answers for the NSE 5 - FortiAnalyzer 7.4 Analyst Exam Materials exam


Question 15 Discussion

Which statement about SQL SELECT queries is true? (Choose one answer)

  • A. They can be used to display the database schema.
  • B. They are not used in macros.
  • C. They must be followed immediately by a WHERE clause.
  • D. They can be used to purge log entries from the database.
Correct Answer: A

Brave-Dump Clients Votes

A 100%

Comments



Ibrahim Eldesoki 2025-04-06 21:54:50

Selected Answers: A


To create a query, you first need to know what is included in the database schema. The schema is the different fields, or columns, that are available, and from which you can extract information for reports. In FortiAnalyzer, you can obtain the schema for a specific log type by creating and testing the following dataset query:

SELECT * FROM $log,

This query can be read as: “Select everything from the logs table.”

For traffic logs, for example, associate the Traffic log type with this dataset in the Log Type field. This query returns everything from the Traffic log type. The column heading names indicate what is available in the database schema for the log type selected. The * symbol returns all data. Note that not all column headings are shown in the example on this slide.