Creating a Custom Filter Tab for Access Logs on a Sender Device
- Open QuLog Center.
- Go to QuLog Service > Sender Devices.
- Click on a sender device.
- Go to Access Log .
- Go to the search bar.
- Click .
-
Specify the following filter
fields:
Fields
Steps
Severity Level
-
Click .
The severity level drop-down menu appears.
-
Select a severity level option.
Accessed Resources
-
Click .
The content condition option appears.
-
Select a condition.
-
Specify the keywords.
Date
-
Click .
The date drop-down menu appears.
-
Select a date option.
Connection type
-
Click .
The connection type option appears.
-
Select a connection type.
User
-
Click .
The user condition option appears.
-
Select a condition.
-
Specify the keywords.
Action
-
Click .
The action drop-down menu appears.
-
Select an action option.
Source IP
-
Click .
The source IP address condition option appears.
-
Select a condition.
-
Specify the source IP address.
Hostname
-
Click .
The hostname condition option appears.
-
Select a condition.
-
Specify the keywords.
Client App
-
Click .
The client app condition option appears.
-
Select a condition.
-
Specify the keywords.
Computer Name
-
Click .
The computer name condition option appears.
-
Select a condition.
-
Specify the keywords.
-
- Optional:
Click Reset to clear
all search filters.
Respecify search filters as many times as required.
-
Click Search.
The list of filtered results is displayed.
-
Click Add as Customized
Tab.
The Add as Customized Tab window appears.
- Enter a tab name.
-
Click Apply.
-
The custom filter tab is created.
-
The custom filter tab is displayed next to the Main tab.
-