# Example queries The following examples show some queries that you can perform from Athena on your Resolver query logs. ## Example 1 - query logs in descending query\$1timestamp order The following query displays log results in descending `query_timestamp` order. ``` SELECT * FROM "r53_rlogs" ORDER BY query_timestamp DESC ``` ## Example 2 - query logs within specified start and end times The following query queries logs between midnight and 8am on September 24, 2020. Substitute the start and end times according to your own requirements. ``` SELECT query_timestamp, srcids.instance, srcaddr, srcport, query_name, rcode FROM "r53_rlogs" WHERE (parse_datetime(query_timestamp,'yyyy-MM-dd''T''HH:mm:ss''Z') BETWEEN parse_datetime('2020-09-24-00:00:00','yyyy-MM-dd-HH:mm:ss') AND parse_datetime('2020-09-24-00:08:00','yyyy-MM-dd-HH:mm:ss')) ORDER BY query_timestamp DESC ``` ## Example 3 - query logs based on a specified DNS query name pattern The following query selects records whose query name includes the string "example.com". ``` SELECT query_timestamp, srcids.instance, srcaddr, srcport, query_name, rcode, answers FROM "r53_rlogs" WHERE query_name LIKE '%example.com%' ORDER BY query_timestamp DESC ``` ## Example 4 - query log requests with no answer The following query selects log entries in which the request received no answer. ``` SELECT query_timestamp, srcids.instance, srcaddr, srcport, query_name, rcode, answers FROM "r53_rlogs" WHERE cardinality(answers) = 0 ``` ## Example 5 - query logs with a specific answer The following query shows logs in which the `answer.Rdata` value has the specified IP address. ``` SELECT query_timestamp, srcids.instance, srcaddr, srcport, query_name, rcode, answer.Rdata FROM "r53_rlogs" CROSS JOIN UNNEST(r53_rlogs.answers) as st(answer) WHERE answer.Rdata='203.0.113.16'; ```