Table of Contents
- Getting Started
- Agent-Based Management
- Common Tasks
- Data Providers
- Directory Services
- Auditing
- Hosts
- Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- Active Directory User Monitor Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- CPU Monitor Template
- Memory Monitor Template
- Disk Space Monitor Template
- Account Lockout Monitor Template
- Audit Policy Monitor Template
- Logon As Monitor Template
- Logon Monitor Template
- Performance Counter Monitor Template
- PowerShell Template
- Process Monitor Template
- RDP Session Monitor Template
- Registry Value Monitor Template
- Service Monitor Template
- SMART Disk Monitor Template
- System Security Monitor Template
- Windows Update Template
- WMI Query Template
- Task Scheduler Template
- Clock Synchronization Template
- Defragment NTFS Disks Template
- Network and Application Monitor Templates
- SSL Certificate Monitor Templates
- Database Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
- Monitors
- Reports
- Auto-Configurators
- Filters
- Actions
- Schedules
- Environment Variables
- Options
- SNMP
- SSH Shell
- Syslog
- System Reset
- Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
- Command Line Interface
- Server Configuration
- Agent Configuration
- Troubleshooting
- Terminology
Corner Bowl Server Manager
SIEM, IPS, Server Monitoring, Uptime Monitoring and Compliance Software
Filters
A Filter is a configurable object used to target or limit specific log entries or computers from real-time and consolidated log views, monitors and reports. Filters can also be used when manually searching computers in Active Directory or through an Auto Configurator.
How it works:
Once assigned to a log viewer, report or Auto-Configurator, the filter is applied to the data set. Entries that pass the filter criteria are included in the final data set. When using the Agent-Based Log Consolidation Templates, consolidation filters are applied on each remotely managed host prior to the data set being transmitted on the network.
Note
Server Manager includes numerous sample Filters. You have the option of assigning these filters to executables as is, modifying them or if prefer, removing all of them and defining your own. To view the sample filters, from the Explorer View, expand the Filters node then select Sample Filters.
To create a filter from a Log Viewer:
- From the Log Viewer, find an entry you would like to either include or exclude from the viewer, then right click and select Filter Selected Entries. The Filter Selected Entries View displays.
- Use the Visibility drop-down to configure to either include or exclude the selected entries.
- Depending on the type of log entry, check the Include the message in the filter option to include the entire message in the filter.
- Choose to either Create a new filter or Append to an existing filter. If you choose to create a new filter,
- Use the Name text box to specify a unique name to identify the filter.
- Use the Filter type drop-down to select the type of filter to create.
- Use the drop-down to select the filter to append these entries.
- Click OK. The filter is either created or appended to, then the Filter Properties View displays.
Important
If you chose to include the message in the filter, remove all entry specific data from the filter criteria (e.g. Date and Time).
To create a filter:
- From the Menu Bar select File | New. The Create New Object View displays.
- From the Create New Object View, select Filter. The Filter Properties view displays.
- Configure the filter.
- When you have finished configuring the filter, click the OK button to save.
Available Filter Types
| Type | Description |
|---|---|
| Simple | A simple stacked list of criteria that can be ordered and flagged to either include or exclude specific contents. |
| Complex | A hierarchal tree of criteria that resembles a computer programming language but is configured through a graphical user interface. |
Sample Event Log Filters
The following screenshots show the same filter implemented using each method.
Sample Simple Event Log Filter:
List View
Table View
Sample Complex Event Log Filter:
