Filter Logs on Traps Management Service

Endpoint and server logs have a filter that allows you to set a criteria for which log entries to display. The ability to filter logs is useful for focusing on events on your Traps management service that possess specific properties or attributes. You can filter logs using the following artifacts that are associated with individual log entries:
  • Filter by Timeframe.
    Select the time period for which you would like to filter security events: Last 24 hours, Last 7 days, Last 30 days, or Last 3 Months. You can also define a Custom date or date range.
    tms-logs-custom-date-range.png
  • (Endpoint logs only) Filter by an Endpoint name.
    Enter a full or partial endpoint hostname or alias. The Traps management service filters the logs by the name as you type.
  • (Management Service logs only) Filter by log Category.
    All server logs have an associated category (subclass) which identifies the log type. Select one or more categories for which you would like to filter security events from the Category drop-down. Traps management service filters the logs by the categories you select.
  • Filter by log Type.
    1. (Optional) Enter a full or partial log name to display logs with names that match a word or phrase. The Traps management service filters the list of logs as you type.
    2. Select one or more log names.
  • Filter by log Severity.
    Select one or more severities for which you would like to filter security events: Critical, High, Medium, Low, or Info.

Related Documentation