Filter Logs on Traps Management Service
Endpoint and server logs have a filter that
allows you to set a criteria for which log entries to display. The
ability to filter logs is useful for focusing on events on your
Traps management service that possess specific properties or attributes.
You can filter logs using the following artifacts that are associated
with individual log entries:
- Filter by Timeframe.Select the time period for which you would like to filter security events: Last 24 hours, Last 7 days, Last 30 days, or Last 3 Months. You can also define a Custom date or date range.
- (Endpoint logs only) Filter by an Endpoint name.Enter a full or partial endpoint hostname or alias. The Traps management service filters the logs by the name as you type.
- (Management Service logs only) Filter by log Category.All server logs have an associated category (subclass) which identifies the log type. Select one or more categories for which you would like to filter security events from the Category drop-down. Traps management service filters the logs by the categories you select.
- Filter by log Type.
- (Optional) Enter a full or partial log name to display logs with names that match a word or phrase. The Traps management service filters the list of logs as you type.
- Select one or more log names.
- Filter by log Severity.Select one or more severities for which you would like to filter security events: Critical, High, Medium, Low, or Info.