Setting name | Description |
Keyword | Type all or part of the exact word or phrase you want to search for. The word may appear in any of the fields of the log message (e.g. Action and/or Message), in any part of that field’s value. If entering multiple words, they must occur uninterrupted in that exact order. For example, entering admin as a keyword will include results such as User admin2 logout from GUI(172.16.1.15) where part of the word appears in the middle of the log message. However, entering User logout would not yield any results, because in the log messages, those two words are always interrupted by the name of the account, and therefore do not exactly match your search key phrase. Depending on your setting of Match condition, you may be able to use asterisks as wild cards to match multiple words. This setting is optional. |
Message | Type all or part of the exact value of the Message (msg) field of the log messages that you want to find. This setting is optional. |
Log ID | Type all or part of the ID number of the log messages that you want to find. This setting is optional. |
Time | Select the date and time range that contains the attack log that you are searching for. This setting is optional. Note: The date fields default to the current date. Ensure the date fields are set to the actual date range that you want to search. |
Match condition | Select whether your match criteria are specified exactly (Contain) or you have indicated multiple possible matches using an asterisk in Keyword (Wildcard). |