Searching and Creating Filter Tabs for Remote Logs from Sender Devices
- Open QuLog Center.
- Go to QuLog Service > Sender Devices.
- Select a sender device.
- Click Event Log or click Access Log.
- Go to the search bar.
- Click .
-
Specify the following filter
fields:
Fields
Steps
Severity Level
-
Click .
The severity level drop-down menu appears.
-
Select a severity level option.
Date
-
Click .
The date drop-down menu appears.
-
Select a date option.
User
-
Click .
The user condition option appears.
-
Select a condition.
-
Specify the keywords.
Source IP
-
Click .
The source IP address condition option appears.
-
Select a condition.
-
Specify the source IP address.
Host name -
Click .
The source host name condition option appears.
-
Select a condition.
-
Specify the host name.
The following filter fields are specific to event logs:
Service
-
Click .
The service drop-down menu appears.
-
Select a service.
The Category option appears.
Note:The Category option does not appear if you select any services or do not specify the service.
-
Specify the service Category.
Content
-
Click .
The content condition option appears.
-
Select a condition.
-
Specify the content keywords.
Flag
-
Click .
The flag drop-down menu appears.
-
Select a flag option.
The following filter fields are specific to access logs:
Computer Name -
Click .
The computer name condition option appears.
-
Select a condition.
-
Specify the computer name.
Accessed Resources
-
Click .
The content condition option appears.
-
Select a condition.
-
Specify the keywords.
Connection Type
-
Click .
The connection type option appears.
-
Select a connection type.
Action
-
Click .
The action drop-down menu appears.
-
Select an action option.
-
- Optional:
Click Reset to clear
all search filters.
Respecify search filters as many times as required.
-
Click Search.
The list of filtered results is displayed.
-
Click Add as Customized
Tab.
The Add as Customized Tab window appears.
- Enter a tab name.
-
Click Apply.
-
The custom filter tab is created.
-
The custom filter tab is displayed next to the Main tab.
-