Running a Targeted Index Search
Procedure
- Click the All Sources except LogLogic button to open the Select Source(s) window.
-
Select log sources from the
Add Log Sources pane. You can select sources by appliance, and filter by Name, Collector Domain, IP Address, Group or Type.
- If you picked “Name”, enter a Source Name, a specific Device Name or a Name Mask. Wild cards are accepted in this field.
- If you picked "Collector Domain", enter the name of the Collector Domain. This is the name used to identify each message sent from a specific device.
- If you picked “IP Address”, enter a Source IP Address, a specific IP Address or an IP Address Mask. Wild cards are accepted in this field.
- If you picked “Group”, enter a Group Name, or click the down arrow to the right of the text field and select “All” or one of the other Group names displayed in the drop-down box.
- If you picked “Type”, enter a Source Type (a specific device type), or click the down arrow to the right of the text field and select “All” or one of the other Device Types displayed in the drop-down box
- Enter a name for the dynamic rule in the pop-up window and click OK.
- Click on the sources you want in your report and then click << Add selected log sources to add the selected devices and filters to the left-hand pane.
-
Click
Set.
The new Index Report search selection appears in the Sources row. The Index Search Sources field displays the newly added log sources.
Copyright © Cloud Software Group, Inc. All rights reserved.