2 Replies Latest reply on Jan 30, 2015 10:54 AM by rufat87

    Rules/Filters advanced refining


      I have recently started my job as a Security Analyst position and we using Log and Event Manager  ver. 6.0.1. I am learning all the deep capabilities of LEM on the go and as I go through the Rules and Filters and multiple types of fields and event correlations, I came up with a question.


      Before creating your own Rule or Filter, is there a way to find out whether a specific event/eventgroup/userdefinedgroup/connectortype is part of any already implemented rule/filter? Any advanced refining option? Aside from going through all of them one by one.


      Thank you!