Assigning Tags upon Log Occurrence
Upon audit log occurrence, you can assign or remove tags to the assets (nodes, devices, users, wireless LANs) that generated the logs. By creating a search filter, you can automatically assign or exclude tags to corresponding assets when audit logs included in the search filter occur, allowing for their automatic assignment to or exclusion from separate policies.
Configuring Tags in Search Filter
- Go to Audit in the top menu.
- In the left menu, go to Logs > Search Filter.
- Click the Search Filter Name.
- In the Tags menu below, select Assign.
- Select the Search Target and Assignment Target to which tags will be assigned.
- Click the
Addbutton to check the tags to assign, then click theSetbutton. - Click the
Updatebutton.
Untagging Assets in Search Filter
- Go to Audit in the top menu.
- In the left menu, go to Logs > Search Filter.
- Click the Search Filter Name.
- In the Tags menu below, select Remove.
- Select the Search Target and Assignment Target from which tags will be removed.
- Click the
Addbutton to check the tags to remove, then click theSetbutton. - Click the
Updatebutton.