Database Filter
To prevent unnecessary or unwanted log data entering in to EventLog Analyzer for processing ‘Database Filter’ is available. This will reduce the log noise and allow only necessary logs to get processed.
Create Database Filter
To create a log database filter, use the following menu option:
- Tabs: +Add > Filter
- Settings tab > Database Filter > Add
To create a database filter, follow the steps given below:
In this screen, select the event filter option, filter parameters, required Windows Event ID, event type and severity.
-
Enter an unique name for the database filter
-
Select the Basic or Advanced event filter option. In the Basic filter option, basic matching is done on the Log Message Contains and Except filter. In the Advanced filter option, 'Match Any' or 'Match All' criteria is applied on the Log Message Contains and Except filter.
-
Fill the appropriate filter criteria. Log Message Contains – use this to filter the logs for a specific word or phrase
-
Except - use this to exclude the logs if it contains a specific word or phrase
-
Event Source - use this to filter the logs for a specific event source
-
User - use this to filter the logs for a specific user
-
Select Windows or Syslog to be filtered
-
Enter the Event ID(s) to filter the logs.
- In case of Windows Event log or Syslog, filter the logs by event type(s) and / or severty(ies)
Navigate to the next screen with Next > > button
-
Select the host group(s), host(s) for which the log to be filtered
-
Complete the database filter creation with Finish button
How to edit/delete database filter?
Edit/ Del menu will take you to the Filter Details table, where all the database filters are listed.
How to disable/enable database filter?
- Use the Enable/Disable icon to enable or disable the filter
How to edit filter?
On the table row of a specific filter Edit icon is available.
- Use the Edit icon to edit the selected filter.
How to delete filter?
-
Select the database filter(s) by selecting the respective check box(es)
-
Delete the filter(s), using the Delete menu link.
Filter Details
In the Filter Details table, all the filters created are displayed with the enable/disable option, edit option, delete option, name of the filter, type of filter (Windows, Linux), host(s) and host group(s) associated to the filter.
IBM iSeries (AS/400) Database Filter
Ensure that at least one IBM iSeries (AS/400) host is added in EventLog Analyzer. To create IBM iSeries (AS/400) database filter, use the following menu options:
- Tabs: +Add > AS/400 Filter
- Settings tab > Configuration section: Database Filter > AS/400
To create a database filter, follow the steps given below:
In this screen, select the event filter option, filter parameters, required Message ID, severity and job name.
-
Enter an unique name for the database filter
-
Select the Basic or Advanced event filter option. In the Basic filter option, basic matching is done on the Drop the Logs Containing and Except filter. In the Advanced filter option, 'Match Any' or 'Match All' criteria is applied on the Drop the Logs Containing and Except filter.
-
Fill the appropriate filter criteria. Drop the Logs Containing– use this to filter the logs for a specific word or phrase
-
Except - use this to exclude the logs if it contains a specific word or phrase
-
Event Source - use this to filter the logs for a specific event source
-
User - use this to filter the logs for a specific user
-
Select event severity to be filtered
-
Enter the IBM iSreies Message ID(s) to filter the logs.
-
Filter the logs for specific job names
Navigate to the next screen with Next > > button
-
Select the IBM iSeries (AS/400) host group(s), host(s) for which the log to be filtered
-
Complete the database filter creation with Finish button