RSA Admin

Filtering in Reports

Discussion created by RSA Admin Employee on Oct 29, 2009
Latest reply on Oct 29, 2009 by RSA Admin

I have written a group of reports about failed logins by user accounts on devices.  I wish to filter out specific domains from certain versions of the reports and some specific accounts.

 

I have used DomainName with LIKE and NOT Like statements, but no filtering occurs?

 

So where I use the statement AND DomainName NOT LIKE (‘xxxx’) it’s still in the report.

 

When I use the statement AND DomainName LIKE (‘xxxx’) they are still listed along with other domains as well?

 

This was along side other statements attempting to filter out using a conditional OR UserNames NOT Like (‘%Service%’) but that does not work?

 

I tried a Watchlist as a filter and that with inclusion or exclusion still does not remove the data I do not want.

 

Is there a way to achieve a filtering by domain that I am not considering or is it not possible to do this function.

Outcomes