Methods of Searching

Basic Search

Analyze > Search

Enter your search terms and select the time range

Example:

applicationProtocol="DHCP" AND deviceAction="DHCPACK" AND destinationAddress = "130.64.205.133"

Advanced Search

Analyze > Search > Advanced Search

This is essentially a "Query Builder." It works exactly the same way as Basic Search; it only helps you build the search string that you would otherwise enter in a Basic Search.

Operators:

Symbol    Keyword
&&        AND
||        OR
!         NOT


Saving a Search

ArcSight saves searches under two labels:

As a "filter"
A filter saves the query expression, but does not save the time range or the field set information.

As a "saved search"
A saved search saves the query expression and the time range that you specified.

A filter is a subset of a saved search: it is the "wussier" version of a "saved search."
