Use Sample Filters to Search Events

Sample filters allow you to construct common search queries quickly without requiring you to type the full query. Select the filter and modify the query parameters to fit your specific needs.

Procedure

Step 1

In the Event Logging page, click the search bar. A list of Sample Filters appears below the search bar.

Step 2

Choose a filter from the drop-down list. The search bar automatically populates with the corresponding search query.

Step 3

Modify the values in the predefined query to refine your search.

Examples

  • To search for events related to a specific website, select Wildcard URL. The search bar displays URL: "*.sharepoint.com". You can then change sharepoint.com to any other domain you wish to investigate.

  • To search for events involving a specific device, select Specific Host. The search bar displays InitiatorIP: "192.168.55.55" OR ResponderIP: "192.168.55.55". Change 192.168.55.55 to the IP address of the device you want to monitor.

Step 4

Click Search.