Log filter validation

After you create a log filter, it is immediately available, but is not active until you include it in a sensor profile. The process of creating a log filter is as follows:

1. Select System | DATA SOURCE MANAGEMENT | Data Filters | Log Filters.

   A table for managing log filters appears.

2. To add a new log filter, select Create or, to edit an existing log filter, select the Edit icon (pencil) at the far right of the row for the filter.

3. Enter a name.

4. Choose a tenant.

5. Choose an optional log source.

   If you leave this blank, the filter applies to all sources.

6. To define when to apply the log filter, select Condition.

   You can add multiple conditions, all of which are AND conditions.

7. Choose a Field.

8. Choose an Operator.

9. Enter a Value for the condition.

10. Select Submit.

Just creating the log filter does not make it active. The newly created log filter has to be added to an appropriate sensor profile to make it active and filter log traffic.