Databases Reference
In-Depth Information
This presents us with a dialog, where we can assign a
Name
string and optionally
any
Tags(s)
to this event type, as shown in the following screenshot:
Let's name our event type
login
.
We can now search for the same events using the event type:
eventtype=login
Event types can be used as part of another search, as follows:
eventtype=login loglevel=error
Event type definitions can also refer to other event types. For example, let's assume
that all login events that have a
loglevel
value of
ERROR
are in fact failed logins.
We can now save this into another event type using the same steps as mentioned
previously. Let's call it
failed_login
. We can now search for these events using
the following:
eventtype="failed_login"
Search WWH ::
Custom Search