Shadow Log Filter (Service)

Shadow Log Filter (Service)

You can filter data in Shadow Log Viewer (Service) such that only records that meet certain conditions are displayed in the list.

There is no big difference between defining Audit Log Filter and Shadow Log Filter, so first see Audit Log Filter (Service).

When the filter is active you can define its condition by entering values into the following fields:

- Success - specifies whether to filter the successfully logged data.

- Incomplete - specifies whether to filter the data that was logged incompletely.

- Failed - specifies whether to filter the logged data whose transmission was blocked by Content-Aware Rules.

- File Name - the text that matches a value in the Shadow Log Viewer's File Name column. This field is not case-sensitive and you may use wildcards. You can enter multiple values separated by a semicolon (;).

- Source - the selection that matches a value in the Shadow Log Viewer's Source column. You can enter multiple values separated by a semicolon (;).

- Action - the selection that matches a value in the Shadow Log Viewer's Action column. You can enter multiple values separated by a semicolon (;).

- User - the text that matches a value in the Shadow Log Viewer's User column. This field is not case-sensitive and you may use wildcards. You can enter multiple values separated by a semicolon (;).

- Process - the text that matches a value in the Shadow Log Viewer's Process column. This field is not case-sensitive and you may use wildcards. You can enter multiple values separated by a semicolon (;).

- PID - the number that matches a value in the Shadow Log Viewer's PID column. You can enter multiple values separated by a semicolon (;).

- File size - the number or the region of numbers that matches a value in the Shadow Log Viewer's File Size column.

- From - specifies the beginning of the interval of records that you want to filter. Select First Record to see records starting with the first record written to the log. Select Records On to see records that were written starting with a specific time and date.

- To - specifies the end of the range of records that you want to filter. Select Last Record to see records ending with the last record written to the log. Select Records On to see records that were written ending with a specific time and date.

English-to-Russian translation