
Simple Filters

Simple filters consist of a stacked list of criteria. The criteria can be reordered, and each one is flagged to either include or exclude the entries it matches.

Supported Log Types
Event Log
Syslog
Text Log

How to configure simple filters:

  • From the Menu Bar select File | New. The Create New Object View displays.
  • Select Filter. The New Filter view displays.
  • Use the Name text box to specify a unique name.
  • From the Type drop-down select the type of object to create the filter for.
  • From the Sub type drop-down select Simple. The Simple Filter View displays.
  • Use the Add button to add new criteria to the filter.
  • Use the Delete button to delete the selected criteria.
  • Use the List and Table toggle buttons to toggle view between a List View and a Table View.
  • Use the Order By buttons to change the order in which multiple criteria are applied.
    Available in the List View.

Simple Event Log Filters

  • Use the Visibility drop-down to choose whether entries that match this criterion are included or excluded.
  • Use the Levels toggle buttons to include or exclude specific levels.
  • Use the Search Text text box to specify the message search criteria.
    • Optionally use the Match Case option to make the search case-sensitive.
    • Optionally use the RegEx option to search using regular expressions.
  • Use the Sources text box to specify the Source to search for. Comma-separate multiple items.
  • Use the Categories text box to specify the Category to search for. Comma-separate multiple items.
  • Use the Event IDs text box to specify the Event IDs to search for. Comma-separate multiple items. Dash-separate Event ID ranges.
  • Use the Users text box to specify the User to search for. Comma-separate multiple items.
  • Use the Hosts text box to specify the Host to search for. Comma-separate multiple items.
  • Use the Logs text box to specify the Log to search for. Comma-separate multiple items.
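
The following Python sketch is an added example, not code from the product. It models how a stacked Simple Event Log Filter could be evaluated, including the comma and dash syntax of the Event IDs field. The first-match-wins rule, the hidden-by-default fallback, case-insensitive Source matching, and all names and sample entries are assumptions made for illustration.

```python
import re
from dataclasses import dataclass

def parse_event_ids(spec):
    """Turn '4624,4720-4726' into inclusive (low, high) ranges."""
    ranges = []
    for item in filter(None, (p.strip() for p in spec.split(","))):
        low, _, high = item.partition("-")
        lo, hi = int(low), int(high or low)
        if lo > hi:
            raise ValueError(f"reversed Event ID range: {item!r}")
        ranges.append((lo, hi))
    return ranges

@dataclass
class Criterion:
    visibility: str          # "include" or "exclude"
    event_ids: str = ""      # an empty field places no restriction (assumption)
    sources: str = ""
    search_text: str = ""
    match_case: bool = False
    regex: bool = False
    def matches(self, entry):
        ids = parse_event_ids(self.event_ids)
        if ids and not any(lo <= entry["event_id"] <= hi for lo, hi in ids):
            return False
        srcs = [s.strip().lower() for s in self.sources.split(",") if s.strip()]
        if srcs and entry["source"].lower() not in srcs:
            return False
        flags = 0 if self.match_case else re.IGNORECASE
        pattern = self.search_text if self.regex else re.escape(self.search_text)
        return re.search(pattern, entry["message"], flags) is not None  # "" matches all

def is_visible(criteria, entry):
    """Assumed semantics: the first matching criterion decides; no match hides the entry."""
    hit = next((c for c in criteria if c.matches(entry)), None)
    return hit is not None and hit.visibility == "include"

# Constructed filter and sample entries (not taken from the product or a real log)
FILTER = [
    Criterion("exclude", event_ids="4624", search_text=r"Account Name:\s+\S+\$", regex=True),
    Criterion("include", event_ids="4624,4625,4720-4726", sources="Microsoft-Windows-Security-Auditing"),
]
ENTRIES = [
    {"event_id": 4624, "source": "Microsoft-Windows-Security-Auditing", "message": "An account was successfully logged on. Account Name: WS01$"},
    {"event_id": 4625, "source": "Microsoft-Windows-Security-Auditing", "message": "An account failed to log on. Account Name: alice"},
    {"event_id": 4722, "source": "Microsoft-Windows-Security-Auditing", "message": "A user account was enabled."},
    {"event_id": 7036, "source": "Service Control Manager", "message": "The Print Spooler service entered the running state."},
]
```

Under these assumed semantics, reversing the two criteria lets the machine-account logon through, so review the criteria order whenever an exclude criterion is added.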

Simple Syslog Filters

  • Use the Visibility drop-down to choose whether entries that match this criterion are included or excluded.
  • Use the Priority check boxes to include or exclude specific priorities.
  • Use the Search Text text box to specify the message search criteria.
    • Optionally use the Match Case button to match the case.
    • Optionally use the RegEx button to search using regular expressions.
  • Use the Sources text box to specify the Source to search for. Comma-separate multiple items.
  • Use the Applications text box to specify the Application to search for (RFC5424). Comma-separate multiple items.
  • Use the Process IDs text box to specify the Process IDs to search for (RFC5424). Comma-separate multiple items.
  • Use the Message IDs text box to specify the Message IDs to search for (RFC5424). Comma-separate multiple items.
  • Use the Data text box to specify the Data to search for (RFC5424). Comma-separate multiple items.
  • Use the Hosts text box to specify the Host to search for. Comma-separate multiple items.

Simple Text Log Filters

  • Use the Visibility drop-down to choose whether entries that match this criterion are included or excluded.
  • Use the Search Text text box to specify the message search criteria.
    • Optionally use the Match Case button to match the case.
    • Optionally use the RegEx button to search using regular expressions.
  • Use the Hosts text box to specify the Host to search for. Comma-separate multiple items.
  • Use the Logs text box to specify the Log to search for. Comma-separate multiple items.

Sample Simple Event Log Filter:

List View

Table View

Related Topics

Complex Filters

C# Script Filters

Filters