Selecting Log Sources

By selecting log sources from the log source picker, an Advanced Search query that includes the selected log sources is automatically generated for you.

1. Click the Select Log Sources button to open the log source picker.
2. From the List of Log Sources pane, select sources by appliance. You can filter by the following parameters. After selecting a filter, you must provide additional information:

   Filter	Additional information
   Name	A specific device name
   Collector Domain	Name of the collector domain
   IP Address	Specific IP address
   Description	Description of the log source
   Type	Enter a source type (a specific device type), or select from the list.

   You can apply multiple filters by clicking the + button. Click Reset filters to clear all filters.

   You can also use the Search field to filter the list of devices and then select from the filtered list.

3. To add the selected devices and filters to the Selected Log Sources pane, select the log sources and then click Add Selected Log Sources.
4. (Optional) To add a large number of devices, create a dynamic rule that contains all listed devices. You can create multiple rules.
   1. Filter by Name or Type to retrieve the list of devices.
   2. Click Add Filters as a Rule.
   3. Enter a name for the dynamic rule in the dialog box and click Create.
   A dynamic rule containing the listed devices is created and displayed in the Selected log sources pane.
5. Review the list of log sources in the Selected log sources pane. You can remove sources by clicking Delete source.
6. Click Set.