A.0 Search Query Syntax

Sentinel uses the Lucene query language for searching events. This section provides an overview of how to use the Lucene query language to perform searches in Sentinel. For more advanced features, see Apache Lucene - Query Parser Syntax.

For information on the event fields in Sentinel, click Tips in the top-right corner of the Sentinel Web interface. A table is displayed that lists the event names and their IDs.