Button Negative filter rule: decides if the specified filter will prevent certain entries from appearing.

Drop-down Facility: Specify which facility the entries have to belong to. On many syslog clients, for instance Datagram's SyslogAgent, which facility to use can be specified. It is therefore a suitable basis for classification of entry type. A range of custom facilities are available, Local0 to Local7.

Drop-down Severity and drop-down compare rule: Specify which severity the entries have to belong to. They can be specified to a specific Severity, or to a range of severities by using the compare drop-down option. For instance 'Notice <=' means 'Where severity is equal or more severe than Notice'.

List item Host: Specify which host or hosts en entry has to come from. It could happen that en entry appear in this list that is not a real host. The reason could be that Syslogserver did not recognize the format in which it was sent, and therefore used the specification RFC3164 as a guide. Please notify us at info@syslogserver.com for any such occurrence.

Drop-down Process: specify which process, if any, the entries must have. Similar to the host list item, false entries could appear on the same basis. Please notify us at info@syslogserver.com for any such occurrence.

Button Edit Query: From all the above configuration options, the corresponding SQL query is dynamically constructed in the text area to the right of the button. By pressing the Edit Query button you are given the opportunity to modify the actual SQL query. This is good for advanced use of filters. See the later chapters for more information.

Text string Filter name: This is the displayed name of the filter when created.