update wiki pages

VictoriaLogs/LogsQL.md

@@ -78,7 +78,8 @@ The query returns the following [log fields](https://docs.victoriametrics.com/Vi
 - [`_time` field](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#time-field)
 
 Logs may contain arbitrary number of other fields. If you need obtaining some of these fields in query results,
-then just refer them in the query with `field_name:*` [filter](#any-value-filter).
+then just refer them in the query with `field_name:*` [filter](#any-value-filter). See [these docs](#querying-specific-fields) for more details.
+
 For example, the following query returns `host.hostname` field additionally to `_msg`, `_stream` and `_time` fields:
 
 ```logsql
@@ -1088,6 +1089,27 @@ Additionally, LogsQL will provide the ability to select fields, which must be re
 
 See the [Roadmap](https://docs.victoriametrics.com/VictoriaLogs/Roadmap.html) for details.
 
+## Querying specific fields
+
+By default VictoriaLogs query response contains [`_msg`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#message-field),
+[`_stream`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#stream-fields) and
+[`_time`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#time-field) fields.
+
+If you want selecting other fields from the ingested [structured logs](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#data-model),
+then they must be mentioned in query filters. For example, if you want selecting `log.level` field, and this field isn't mentioned in the query yet, then add
+`log.level:*` [filter](#any-value-filter) filter to the end of the query.
+The `field_name:*` filter doesn't return log entries with empty or missing `field_name`. If you want returning log entries
+with and without the given field, then `(field_name:* OR field_name:"")` filter can be used.
+See the following docs for details:
+
+- [Any value filter](#any-value-filter)
+- [Empty value filter](#empty-value-filter)
+- [Logical filter](#logical-filter)
+
+In the future LogsQL will support `| fields field1, field2, ... fieldN` syntax for selecting the listed fields.
+It will also support the ability to select all the fields for the matching log entries with `| fields *` syntax.
+See the [Roadmap](https://docs.victoriametrics.com/VictoriaLogs/Roadmap.html) for details.
+
 ## Performance tips
 
 - It is highly recommended specifying [time filter](#time-filter) in order to narrow down the search to specific time range.

VictoriaLogs/data-ingestion/README.md

@@ -57,6 +57,11 @@ The command should return the following response:
 {"_msg":"cannot open file","_stream":"{}","_time":"2023-06-21T04:24:24Z","host.name":"host123"}
 ```
 
+Note that the response contains [`_msg`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#message-field),
+[`_stream`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#stream-fields) and
+[`_time`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#time-field) fields plus the explicitly mentioned fields.
+See [these docs](https://docs.victoriametrics.com/VictoriaLogs/LogsQL.html#querying-specific-fields) for details.
+
 See also:
 
 - [How to debug data ingestion](#troubleshooting).
@@ -103,6 +108,11 @@ The command should return the following response:
 {"_msg":"oh no!","_stream":"{stream=\"stream1\"}","_time":"2023-06-20T15:32:10.567Z","log.level":"error"}
 ```
 
+Note that the response contains [`_msg`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#message-field),
+[`_stream`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#stream-fields) and
+[`_time`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#time-field) fields plus the explicitly mentioned fields.
+See [these docs](https://docs.victoriametrics.com/VictoriaLogs/LogsQL.html#querying-specific-fields) for details.
+
 See also:
 
 - [How to debug data ingestion](#troubleshooting).

VictoriaLogs/querying/README.md

@@ -17,6 +17,11 @@ For example, the following query returns all the log entries with the `error` wo
 curl http://localhost:9428/select/logsql/query -d 'query=error'
 ```
 
+Note that the response contains [`_msg`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#message-field),
+[`_stream`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#stream-fields) and
+[`_time`](https://docs.victoriametrics.com/VictoriaLogs/keyConcepts.html#time-field) fields plus the explicitly mentioned fields.
+See [these docs](https://docs.victoriametrics.com/VictoriaLogs/LogsQL.html#querying-specific-fields) for details.
+
 The `query` argument can be passed either in the request url itself (aka HTTP GET request) or via request body
 with the `x-www-form-urlencoded` encoding (aka HTTP POST request). The HTTP POST is useful for sending long queries
 when they do not fit the maximum url length of the used clients and proxies.

keyConcepts.md

@@ -742,6 +742,24 @@ useful in the following scenarios:
 
 If you need to export raw samples from VictoriaMetrics, then take a look at [export APIs](https://docs.victoriametrics.com/#how-to-export-time-series).
 
+### Query latency
+
+By default, Victoria Metrics does not immediately return the recently written samples. Instead, it retrieves the last results written prior to the time specified by the `search.latencyOffset` flag, which has a default offset of 30 seconds.
+This is true for both `query` and `query_range` and may give the impression that data is written to the VM with a 30-second delay.
+
+But this flag avoids non-consistent results due to the fact that only part of the values are scraped in the last scrape interval.
+
+Here is an illustration of a potential problem when `search.latencyOffset` is set to zero:
+
+<img src="keyConcepts_withoutLatencyOffset.png">
+
+When this flag is set, the VM will return the last metric value collected before the `search.latencyOffset`
+duration throughout the `search.latencyOffset` duration:
+
+<img src="keyConcepts_withLatencyOffset.png">
+
+It can be overridden on per-query basis via `latency_offset` arg.
+
 ### MetricsQL
 
 VictoriaMetrics provide a special query language for executing read queries - [MetricsQL](https://docs.victoriametrics.com/MetricsQL.html).