Click here to expand

    Log Collection Filter

    EventLog Analyzer allows you to collect and process only the necessary logs by configuring log collection filters.

    Steps to create a log collection filter

    1. In EventLog Analyzer, navigate to Settings → Admin Settings → Log Collection Filters.
    2. Click on the +Add Filter button.
    3. Enter a unique name for your filter in the Filter Name field.
    4. Select the log format from the Select Log Format drop-down menu. Choose any one of the following log formats displayed:
      • Windows Logs
      • Syslogs
      • IBM AS/400 Logs.
    5. Click on the + button present in the Select Device(s) field to select a device group.
    6. Add log database filter
    7. In the Select Device pop-up menu, you can either search and select particular devices in your network to apply the filter to or select entire device groups by selecting the respective check boxes on the left pane and clicking on Add.
    8. In the Filter Criteria box, you will see the Exclude and Collect Only drop-down menus to configure a filter to perform either of the following actions:
      • Exclude all the logs that satisfy the specified filter criteria.
      • Collect only the logs that satisfy the specified filter criteria.
      Note: You can configure a filter to perform only one action. You need to create separate filters to collect and exclude logs for the same set of devices or device groups.

      Add log database filter
    9. Click on the + sign to add multiple filter criteria by using conditional operators such as AND and OR.
    10. You can also configure multiple filter groups by clicking on +Add Group and link them using AND or OR operators to create a high-level filter.
    11. Click on Finish to save the created filter.

    Viewing and managing log collection filters

    You can view, enable or disable, edit, and delete all the created filters in the Log Collection Filters page by clicking on the respective icons provided. Please note that the default filters present in this page can only be disabled and not deleted.

    You can see the list of devices associated with a particular filter by hovering your mouse pointer over the Device(s)/Group(s) Configured section. The More Actions drop-down menu allows you to select and enable, disable, export, and import multiple filter profiles.

    Add log database filter

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       
    Get download link