Fairly new at the LEM and definitely still learning.
Does anyone know of a way to set up a filter or rule under the monitor on LEM where you block one type of request and show all the rest.
With the requirements we have for a network we have to logg a lot of stuff even though we know it is going to happen, Thus I want to filter out items I know are constant so that I can more readable see all the other activity.
I.e I want to filter out all of the DNS activity (NamingTraficAudit) from several IPs, (DNS Proxy Request from "xxx.xxx.xxx.xxx") Thus leaving all the rest of the items for me to look at.
I have 6 IPs that are approved to do the DNS, and need to filter all 6. I created one filter and all it gives me is the DNS traffic, but I need one that gives me everything but the DNS traffic.
KVT