Filtering bulk logging events when using the description field does not work.
Article ID: 162157
Updated On:
Products
Data Center Security Monitoring Edition
Data Center Security Server
Data Center Security Server Advanced
Issue/Introduction
Filtering bulk logging events when using the description field does not work.
No errors but events are not filtered.
Cause
Although the Description field is an available option when constructing a log
filter rule, you cannot use the Description field in a log filter rule. The
description values that are displayed in the console for prevention events are
created in the console from available data.
filter rule, you cannot use the Description field in a log filter rule. The
description values that are displayed in the console for prevention events are
created in the console from available data.
Resolution
To work around this issue, you can match on elements of the event other than
the description. For example, you can use the process path and resource name.
the description. For example, you can use the process path and resource name.
Feedback
Yes
No
Powered by
