Event Filters
This view shows event filters created in the Executables section. Event filters are rules in ESET Inspect On-Prem that determine which low-level events should be excluded from the database. The database size is proportional to the number of stored low-level events. Reducing stored events with Event Filters helps lower disk usage and improve performance.
You do not need to use Event Filters if you configure ESET Inspect On-Prem to Store only the most important data or Store data related directly to detections in More > Settings.
The Dashboard > Events Load shows executables and computers reporting the most low-level events. You can create Event Filters using the Filter events button on the Executable details page.
Filtering, Tags and Table options
Use filters at the top of the screen to refine the displayed items. Tags are powerful when searching for a specific computer, detection, incident, executable or script. Click the gear icon for table options to manage the main table.
Click a filter name to take further action:
Details |
Go to the Rule details tab. |
---|---|
Edit Rule |
Go to the Edit rule tab. |
Change assignment |
Go to the selected filter’s Targets view. |
Enable |
Enable selected filters. |
Disable |
Disable selected filters. |
Delete |
Delete selected filters. |
Save As |
Save selected filters under the desired name. |
Export |
Start the filter’s export process, depending on the web browser. The file format is XML. |
Import |
Open the window to import the XML filter file. The following counts are available: •Total count of imported filters •Count of imported filters with correct syntax •Count of imported filters with incorrect syntax •Count of not imported filters |
Tags |
Assign tags to a computer from the existing list or create new custom tags. |
Filter |
Show quick filters on the column where you activated the context menu (Show only this, Hide this). |