Very much a newb looking to get some basic information from my Sonicwall logs. Setting up the search using multiple criteria for the same field in the log file is what I am asking. I have a firewall event m=1079 (failed SSL VPN login) and m=1080 (successful). How does one string criteria with an OR?
Is it also possible to limit what is displayed in the search as well as group and count for output to dashboards?
Any good reading material would also be cool.
Thanks
↧