ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Filtering bulk logging events when using the description field does not work.


Article ID: 162157


Updated On:


Data Center Security Monitoring Edition Data Center Security Server Data Center Security Server Advanced


Filtering bulk logging events when using the description field does not work. No errors but events are not filtered.


Although the Description field is an available option when constructing a log
filter rule, you cannot use the Description field in a log filter rule.  The
description values that are displayed in the console for prevention events are
created in the console from available data.


To work around this issue, you can match on elements of the event other than
the description.  For example, you can use the process path and resource name.