|Applies To||RSA Product Set: Security Analytics|
RSA Product/Service Type: SA Security Analytics Server
RSA Version/Condition: 10.5.x
O/S Version: 6
|Issue||When writing a query only the following operators are available|
|Tasks||To solve this issue create an app rule that will tag the meta that you are interested,|
For example, suppose you wanted to find all destination usernames that did not begin with foo.
You can create an app rule on your logdecoder as follows
|Resolution||In your report, use the following in your rule to display all usernames that do not begin with foo.|
where alert != '"Account Begins with Foo"