On This Page
Filtering Rules
You can exclude rules in your report based on the result of filters. SecureTrack Reporting Essentials (STRE) supports filtering for the following reports:
A filter definition excludes rules according to the value of the following components:
|
Filter Component |
Description |
Example |
|---|---|---|
| Source/Destination | Source and Destination | an IP (1.1.1.1), subnet (1.1.1.0/24), or any |
| Service | Service | tcp:80 |
|
Action |
|
|
| Comment | Partial or full text from comments in the rule | Production environment |
| Tag name (Palo Alto only) | ||
| Source/Desitnation Device Zone |
In a single filter definition, the filter components are logically joined using the AND operator. In this example, a rule will be excluded if it has any in the source and 2.2.2.2 in the destination.
You can create additional filter definitions. STRE treats the relation between filter definitions with an OR operator. In this example, a rule will be excluded if it has a source value of 1.1.1.1 or destination value of 2.2.2.2.
