Kaspersky Unified Monitoring and Analysis Platform
English

Contents

Filtering events using SQL queries

In KUMA you can filter events using SQL syntax queries.

To create a filter using SQL search queries:

  1. In the Events section of KUMA click the SearchField field and select the SQL query tab.

    The field for entering the search query opens.

  2. Generate a search query.
  3. Click Search.

After this, only events matching he created filter are displayed in the events table, and the filter expression is displayed in the Search field.

To remove the filter:

  1. In the Events section of KUMA click the field with the filter expression.
  2. Click New search.

The filter will no longer be applied to the displayed events.

This action will also delete the time-based filter.

Page top
[Topic 217878]