EventlogAnlyzer DB Filters

EventlogAnlyzer DB Filters

Hello,
I'm facing problem with DB Filter, and don't know what's the limit of this funciton.
In detail, I want to drop all the windows logs of logon event (4624,4634) of any COMPUTER account for certain server.
What I'm trying to obtain is to drop eventid 4624,4634 of logs that contain this sequence of characters:

$ Account Domain

thake this entry as example

An account was successfully logged on. Subject: Security ID: S-1-0-0 Account Name: - Account Domain: - Logon ID: 0x0 Logon Type: 3 New Logon: Security ID: S-1-5-21-1127742886-573801059-3947661244-153308 Account Name: SERVER1$ Account Domain: TEST Logon ID: 0xdd6e39297 Logon GUID

As you see, a computer account ends always with $, and the subsequents characters are "Account Domain"
So, I need to drop all logs that contain: 
$ Account Domain

is it possible? because I have tryed this filter, but it won't works right now. Do I need to put all between ""?
Are special sql character like % or * allowed? Or Regex?

Thanks
Manuel


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
              See all integrations
              New to ADManager Plus?
              See all integrations
              New to ADManager Plus?

                New to ADSelfService Plus?

                Start your free trial
                Start your free trial



                          Related Products