[SOLVED] Adv Search function for lazy people (ie me ;))

Z

zolthar

Member
Proxmox Subscriber
Dec 27, 2020
108
17
23
45
Just wondering, is there a way to utilise the filter functions 'better'?

I am doing my weekly checks and yes I could be using smaller time frames, exporting the logs etc, BUT, I will honestly say I am lazy.

Like I would love if the GUI could have some awesome search features like:
  • Status Type (blocked, quarantined, delivered, accepted etc)
  • Match function (ie. Is or Is NOT blocked)
  • Have the filter filter multiple entries (eg FROM_SUSPICIOUS_NTLD_FP && DELIVERED)
The reason is that I could search for specific criteria and then apply additional custom rules so that I can quickly adjust scores.

Or I am sure someone will just point me to a URL that tells me how to do the above and agitatingly refrain from calling me Mr Silly Silly Num Nuts. :)
 
zolthar said:
Like I would love if the GUI could have some awesome search features like:
  • Status Type (blocked, quarantined, delivered, accepted etc)
  • Match function (ie. Is or Is NOT blocked)
Click to expand...
These should be available by going to the Tracking Center (and sorting accordingly)
zolthar said:
Have the filter filter multiple entries (eg FROM_SUSPICIOUS_NTLD_FP && DELIVERED)
Click to expand...
for a single SA hit you can use the filter there (and again sort accordingly)


else - you can grep and search through the logs/journal on the system

I hope this helps
 
Thanks for your replies Stoiko,

Stoiko Ivanov said:
for a single SA hit you can use the filter there (and again sort accordingly)
Click to expand...
That is currently what I do, however I have to do this on a limited 2-3 day interval due to number of hits. What I try to do is search for certain SA hit and see the results.

In my example, I know 99.9% will be spam, but that 1-2 in a week that gets delivered is what I am looking for during my review/fine-tuning process. I cannot do anymore than 3 days due to the number of hits.

You are correct those features are already available, however as I didnt want to manually search the logs each time, the GUI would have been a faster method if those features were there. Yes, its an insignificant problem - moreso a UX view.

Thanks Stoiko. ;)
 
  • Like
Reactions: Stoiko Ivanov
You must log in or register to reply here.
Top Bottom