Datagram SyslogServer - the Windows syslog server logging solution for your enterprise!

HOME

DOWNLOAD

ORDER & PRICING

RESELLERS

CONTACT

SyslogServer Suite

Presentation >>

Screendumps >>

FAQ >>

Software components

Server Software >>

SyslogView >>

SyslogAgent >>

Customer Support

Online Manuals >>

Troubleshooting>>

Forum>>

6. Using filter groups

All active filters are superimposed on each other, including the Quickfilters. By using a combination of filters and negative filters, indeed specific types of entries can quickly be identified. By use of negative filters, the unexpected entries can easily be found - providing possibly important information.

An example:

In this example, two filters have been specified. One specifies all network equipment, the other one all production services. Also, a Quickfilter (below the drop-down menu in the picture) specifying a severity level of Notice or higher is used. The result; Display all non-normal entries from our production services on our network equipment.

Specifying a few groups of general filters, whether based on operating system, location, organizational unit or criticality - is a recommendation to get the most out of Datagram Syslogserver Suite. This usually, but not always, means to specify a group of hosts in a filter. Other combinations are also possible - although sometimes requireing a small modification to the SQL syntax - see the advanced chapters for general information about modifying the SQL syntax.

A generic filter example:

In this simple example, just one field has been specified - the host field. All this filter does is to only allow entries from the specified computers to be displayed - in this case Windows computers. Its purpose is multiple:

The filter itself can be used in combination with Quickfilters for further data mining on Windows computers.
The filter can be used in combination with other filters that are only applicable to Windows computers. That way, all Windows computers does not have to be specified in each Windows related filter. Also, when another Windows computer is introduced on the network, only this filter has to be modified - not all Windows related filters.

Next: Advanced filter design

Contents:
1. Introduction
2. Using filters
3. Basic filter design
4. Basic filter design, continued
5. Alarms are similar to filters
6. Using filter groups
7. Advanced filter design
8. Advanced filter design, continued
9. Conclusion