Log Collection Filter

Log360 Cloud allows you to collect and process only the necessary logs by configuring log collection filters.

Steps to create a log collection filter

• Navigate to Settings → Admin Settings → Product Customization→ Log Collection Filters
• Click on the +Add Filter button.
• Enter a unique name for your filter in the Filter Name field.
• Select the log format from the Select Log Format drop-down menu. Choose any one of the following log formats displayed:
• Windows Logs
• Syslogs
• Click on the + button present in the Select Device(s) field to select a device group.
• In the Select Device pop-up menu, you can either search and choose devices in your network to apply the filter to or choose entire device groups by selecting the respective check boxes on the left pane and clicking on Add.



• In the Filter Criteria box, you will see the Exclude and Collect Only radio options to configure a filter to perform either of the following actions:
• Exclude all the logs that satisfy the specified filter criteria.
• Collect only the logs that satisfy the specified filter criteria.
• Click on the + symbol to add multiple filter criteria by using conditional operators such as AND and OR.
• You can also configure multiple filter groups by clicking on +Add Group and link them using AND or OR operators to create a high-level filter. Click on add to save the created filter.

Viewing and managing log collection filters

You can view, enable or disable, edit, and delete all the created filters in the Log Collection Filters page by clicking on the respective icons provided. Please note that the default filters present in this page can only be disabled and not deleted.

You can see the list of devices associated with a particular filter by hovering your mouse pointer over the Device(s)/Group(s) Configured section. The More Actions menu lets you enable, disable, delete, and modify filter profiles. Select the three-dot menu to import and export multiple filter profiles.