Filtering Alerts by IP address
Hello,
We are using EventLog Analyzer to track credit cards in plain text detected by our Snort system. I am trying to filter out messages based on where the activity is taking place (backup processes, etc. should be excluded) and there is a filter for strings contained in the log message. Does this filter work if I put in an IP address, and said 'match any'? Or would this not make any difference? Thanks.