Filtering bulk logging events when using the description field does not work.
book
Article ID: 162157
calendar_today
Updated On:
Products
Data Center Security Monitoring EditionData Center Security ServerData Center Security Server Advanced
Issue/Introduction
Filtering bulk logging events when using the description field does not work.
No errors but events are not filtered.
Cause
Although the Description field is an available option when constructing a log
filter rule, you cannot use the Description field in a log filter rule. The
description values that are displayed in the console for prevention events are
created in the console from available data.
Resolution
To work around this issue, you can match on elements of the event other than
the description. For example, you can use the process path and resource name.