Search by Signature name

  • 1
  • Idea
  • Updated 1 year ago
You need to use the report finder searchbox.

Enter the report name Events by Signature into the searchbox filter.

Enter text from a signature name (or whole signature name) into the text filter.
Select match options (begins with, end with etc) as required.

Report shows all events in the db that match signature name, with senid, source IP and count. Suitable for exporting results via REST API if required.

For improved performance, select only the sensors you are interested in (rather than all).

You can save filters to create your own custom reports from this.
Photo of Aisling Brennan

Aisling Brennan, Official Rep

  • 393 Posts
  • 8 Reply Likes

Posted 1 year ago

  • 1

Be the first to post a reply!