Searching; Running An Event Search; Running A Basic Search - Novell SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010 Administration Manual

Searching

5
®
Novell Sentinel Log Manager can perform a search on events. Each time you perform a search
TM
for an event, a tab opens with the search results. In each tab you can again refine your search.
The search includes all the online data currently in the flat files at the
archived data in zip format at the configured location; and can also include searching of internal
events of Sentinel Log Manager if you select Include System Events. By default, events are returned
in a loosely time sorted order in reverse chronological order. This sort order relates to how the
events are stored in the file system partitions.
Basic event information includes event name, source, time, severity, information about the initiator
(represented by an arrow icon), and information about the target (represented by a bull's-eye icon).
This section gives you an understanding of searching for an event, refining search results, viewing
search results, exporting the search results, saving a search query as report template, and sending the
search results to an action instance.
Section 5.1, "Running an Event Search," on page 75
Section 5.2, "Refining Search Results," on page 78
Section 5.3, "Viewing Search Results," on page 82
Section 5.4, "Exporting Search Results," on page 86
Section 5.5, "Saving a Search Query as a Report Template," on page 88
Section 5.6, "Sending Search Results to an Action," on page 90

5.1 Running an Event Search

Users can run simple or advanced searches.
Section 5.1.1, "Running a Basic Search," on page 75
Section 5.1.2, "Running an Advanced Search," on page 77
Section 5.1.3, "Search Expression History," on page 78

5.1.1 Running a Basic Search

A basic search runs against all of the event fields listed in
searches include the following event values:
root
127.0.0.1
Lock*
driverset0
directory and the
data
Table C-1 on page 149. Few basic
5
Searching 75