AnsweredAssumed Answered

I find myself spending more time on regex then using the platform

Question asked by RSA Admin Employee on Mar 27, 2014
Latest reply on Apr 2, 2014 by Khalil - Omar Consumido

Seems I spend more time troubleshooting regexs instead of investigating events....for all the money spent on the tool its pretty primitive and time consuming to narrow the data down to what you want.


I figured simple things like ip.dst != would simply work....or !='org name" would work....


How about a better regex guide....I really dont have the time to figure out what works and what doesn't....