SAS Visual Investigator offers powerful search capabilities to assist investigators in performing discovery-based investigations. This post is part one of a series dedicated to Search. In this post, I will cover facet filters and text search, including how to build a more powerful search query in SAS Visual Investigator.

 

 

Facet filter

 

The first feature I want to cover in this post is facet filter, which allows investigators to narrow down search results based on a set of preconfigured search filters. We have the ability to add specific filters based on the available fields of each entity. These filters can be found in the left panel on the search results page. The end users can then narrow down their search results by checking the desired checkboxes.

 

Select any image to see a larger version.
Mobile users: To view the images, select the "Full" version at the bottom of the page.

 

Creating a facet within an entity is simple. Start by navigating to the Data Objects tab and Entities subtab, followed by double-clicking on the desired entity to open its configuration page. I will use the Auto Claim entity in this example.

 

 

Within the entity configuration page, go to the Filter Facets tab. A new facet can be added with the add button.

 

 

In order to fully illustrate the configuration possibilities, I’ve selected three entity fields of different types:

 

• Claim Status: A string, or term, variable that states the status of the claim.
  • Example values: Fraud, Settled, Open
• Incident Date: A date variable showing the date on which the incident took place.
  • Example value: 2017-05-09
• Claim Value: A double, or numeric, variable that shows the dollar value of the claim.
  • Example value: 12000

 

 

Starting with Claim Status, I can specify the facet input type as either Text input or Checkboxes. The text input option enables users to enter a text whereas the checkboxes enable users to select a categorical value to filter by. The former is particularly useful with fields that contain a large list of values, thus making it impractical to depict as checkboxes in the UI. An example of this is surname.

 

In this example, I’ve set the facet input type as Checkboxes, as there are only limited number of possible claim statuses. I’ve set the display limit to 5. If the number of available claim statuses exceed the display limit, only 5 values will be displayed, together with a More option. See the image below for a side-by-side comparison of the entity configuration page in the Administrator UI (Manage Investigate and Search) and the Filters pane on the Search Page of the Investigator UI (Investigate and Search Data).

 

 

Moving onto the Incident Date field. Here, I have the options to set the Accuracy. This specifies the time level to which the facet is accurate, with the options ranging from days down to milliseconds. The Selectors dropdown lists let us define the boundary range as inclusive (>=) or exclusive (>). See the image below for a side-by-side comparison of the entity configuration page in the Administrator UI (Manage Investigate and Search) and the Filters pane on the Search Page of the Investigator UI (Investigate and Search Data).

 

 

Moving onto the numeric field Claim Value, I’ve defined the Display Format as 0. This controls the number of decimal places that appear. A value of zero (0) means no decimal places. The Selectors let me specify whether end users are able to filter on exact values, over a range of values, or both. Additionally, I’ve also created a Custom Range named High Value Claims and defined it as all claim values greater than or equal to 10000. This feature comes in handy in letting investigators spot the behavior they wish to see more quickly. See the image below for a side-by-side comparison of the entity configuration page in the Administrator UI (Manage Investigate and Search) and the Filters pane on the Search Page of the Investigator UI (Investigate and Search Data).

 

 

Note that the entity needs to be saved and re-indexed for the configuration changes to take effect.

 

 

 

Text search

 

In future posts, I will dive into search features such as Advanced Search. In this post, let’s look at the humble Standard Search and explore how we can achieve more by formulating a better search query.

 

 

 

Search using Boolean operators

 

Let’s start by looking at search using Boolean operators. For example, I want to search for information related to a customer named James Hurst. I start by using the search term James Hurst. As illustrated below, when this search term is used, two customer records are returned, one for James Hurst and one for James Sykes. The reason for this is that the search string James Hurst is treated as James OR Hurst.

 

 

If I want results matching all the individual search terms, I can use the AND operator. As seen below, the search term James AND Hurst returns results pertaining only to James Hurst.

 

 

Another way of only returning results pertaining to James Hurst is by putting quotation marks around the search terms, as that will return an exact match.

 

 

One last thing to note when searching using Boolean operators is that they need to be capitalized in the search string.

 

 

 

Search using wildcards

 

Wildcards are particularly helpful when it comes to search as you may not always want to or know the exact text string to search for.

 

There are two types of wildcards that can be leveraged in SAS Visual Investigator search. The first is question mark (?), which replaces any single alphanumeric character. The second is asterisk (*), which replaces zero or more characters. Lastly, if only a single asterisk is used in the search, all indexed data will be returned.

 

See below for examples.

 

 

 

 

Lastly, you cannot begin a search string with a leading asterisk (*).

 

 

 

Proximity searches

 

Proximity search is another powerful tool that you can use when querying your data. To perform a proximity search, enclose the individual search terms in quotation marks, followed by the tilde symbol (~) and a number indicating the proximity between the search terms.

 

In the example below, searching with the string “Proximity search”~3 will return all the results where the word Proximity and the word Search occur within three words of each other. This would return both of the following results:

 

• Proximity word1 word2 search
• Proximity word1 word2 word3 search

 

 

If I was to decrease the proximity from 3 to 2, then only the following result would be returned:

 

• Proximity word1 word2 search

 

 

 

Search in a specific field

 

If you want to search for information in a specific entity field, you can use a field-based search. In terms of syntax, list the field name first, followed by colon (:), and the desired search term. If you wish to search for multiple terms within the same query, you can enclose your desired search terms in parenthesis.

 

Examples:

 

To search for the name Dominic within the Customer Name field, use the search string customer_name:Dominic.

 

 

To search only for customers who are named Dominic Dodd within the Customer Name field, use the search string customer_name:“Dominic Dodd”.

 

 

To search for both the word vehicle and the word park in the Claim Description field, use the search string: claim_description:(vehicle park).

 

 

When conducting field-based search, use the name of the field (customer_name) rather than the label you see in the UI (Customer Name).

 

 

 

Search for values within a range

 

Lastly, if you wish to search for values within a specific range, you can use square brackets ([ ]) for inclusive ranges (>=, <=) and braces ({ }) for exclusive ranges (>, <).

 

Example:  

 

Desired Result	Search string
Claims with claim_value greater than 600 and less than 800	claim_value: {600 TO 800}
Claims with claim_value greater than or equals to 600 and less than 800	claim_value: [600 TO 800}
Claims with claim_value greater than or equals to 600 and less than or equals to 800	claim_value: [600 TO 800]

 

 

 

Conclusion

 

In this post, I’ve covered how to create filter facets, as well as listing six different ways to build a more powerful text search query. This is the first post in a series I will do on Search in SAS Visual Investigator. Stay tuned for topics such as Saved Search, Advanced Search, and more!

 

For additional content on SAS Visual Investigator, check out the following posts:

 

• Entity-level security in SAS Visual Investigator
• Using DATA Step Code to Design Scenarios in SAS Visual Investigator
• Aggregation Scenarios and Entity Relationships in SAS Visual Investigator
• SAS Visual Investigator Page Building Best Practices Part I: Columns, Group Boxes, and Tabs
• SAS Visual Investigator: Chunk Size and Indexer Performance
• Streamlining Reporting with Print Templates in SAS Visual Investigator

 

 

Find more articles from SAS Global Enablement and Learning here.