Filter criteria for Log Monitor form data display

The Log Monitor form displays data that falls into several categories. The top portion of this form displays data according to specified display filters. Use the bottom portion of the form to specify the data filters.

The Log Monitor form displays these categories for each data record logged:

Data included within specified Timestamp ranges
The Type of data to display
Note: The Log Monitor form does not display Diagnostics type data.
The Source of the data
A specified text string to be found in the associated Message

You can filter by any combination of these categories of data to find and analyze the exact data you want.

Note: When filtering data to be displayed, the system filters by a combination of all of these categories. Incoming data records must satisfy the criteria of all four filters before it is displayed on the Log Monitor form. For example, suppose you were to set these values:

The Timestamp to be blank;
The Source to IDORuntime;
The Type to SQL|Audit; and
The Message to IsSaasSession;

With these filter settings, only those data records that meet all of these restrictions display in the form.

Timestamp

The Timestamp field in the bottom portion of the form indicates the start time for which data is to be displayed.

If you select a date from the calendar (after clicking the icon on the right), the Timestamp field is populated automatically with that date and the time set to midnight (12:00:00 AM). If you want the data for that entire date (and beyond), leave this value unchanged.

If you want to view the data for a more limited period of time (for instance, after a certain hour, like 06:00:00 AM), change the value of the time setting. Then, place a right angle bracket (the "greater than" sign > ) before the entire timestamp; for example: >4:00:00 PM

Note: If you do not use the right angle bracket, the system looks for that exact timestamp and returns no other data. The right angle bracket tells the system to look for and return data starting at that time and going forward. The only time the system automatically looks at the time setting as a starting point is when it is set to 12:00:00 AM.

You can also use a left angle bracket ("less than" < ) to use the time setting as a stopping point.

Type

To allow all types of data to display, leave this field blank.

To limit the display to a single type of data in the log, select the type of data you want from the drop-down list.

Note: SQL messages and Diagnostics data are excluded.

Source

To allow data to be collected from all sources, leave this field blank.

To limit the display to data from a single source, specify the name of the source; for example: IDORuntime

Message

To allow all message text to display, leave this field blank.

To limit the amount of text that is displayed, based on its content, type the text to include in this field; for example: Querying suspending insert event initiators

You can use wild cards in this field, in the form of either Regular Expressions or plain text. However, you cannot mix the two; it must be one or the other. Also, you cannot use standard Mongoose wild cards, such as the asterisk (*), because the system treats it as plain text. It is also true that the asterisk is treated differently in RegEx syntax.

If you are using Regular Expression (RegEx) text, you can use special characters, but you should exercise caution here and make sure to input correct RegEx syntax. If you are using plain text, and you were to input something like 'Sample', the system treats it as "*Sample*", automatically wrapping the text with asterisks.