Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Managing Search Groups

 

Using the Search Groups window, you can create and manage event, flow, and offense search groups.

These groups allow you to easily locate saved search criteria on the Log Activity, Network Activity, and Offenses tabs, and in the Report wizard.

Viewing Search Groups

A default set of groups and subgroups are available.

You can view search groups on the Event Search Group, Flow Search Group, or Offense Search Group windows.

All saved searches that are not assigned to a group are in the Other group.

The Event Search Group, Flow Search Group, and Offense Search Group windows display the following parameters for each group.

Table 1: Search Group Window Parameters

Parameter

Description

Name

Specifies the name of the search group.

User

Specifies the name of the user that created the search group.

Description

Specifies the description of the search group.

Date Modified

Specifies the date the search group was modified.

The Event Search Group, Flow Search Group, and Offense Search Group window toolbars provide the following functions.

Table 2: Search Group Window Toolbar Functions

Function

Description

New Group

To create a new search group, you can click New Group. See Creating a new search groupYou can create a new search group..

Edit

To edit an existing search group, you can click Edit. See Editing a search groupYou can edit the Name and Description fields of a search group..

Copy

To copy a saved search to another search group, you can click Copy. See Copying a saved search to another groupYou can copy a saved search to one or more groups..

Remove

To remove a search group or a saved search from a search group, select the item that you want to remove, and then click Remove. See Removing a group or a saved search from a groupYou can use the Remove icon to remove a search from a group or remove a search group..

  1. Choose one of the following options:
    • Click the Log Activity tab.

    • Click the Network Activity tab.

  2. Select Search >Edit Search.
  3. Click Manage Groups.
  4. View the search groups.

Creating a New Search Group

You can create a new search group.

  1. Choose one of the following options:
    • Click the Log Activity tab.

    • Click the Network Activity tab.

  2. Select Search > Edit Search.
  3. Click Manage Groups.
  4. Select the folder for the group under which you want to create the new group.
  5. Click New Group.
  6. In the Name field, type a unique name for the new group.
  7. Optional. In the Description field, type a description.
  8. Click OK.

Editing a Search Group

You can edit the Name and Description fields of a search group.

  1. Choose one of the following options:
    • Click the Log Activity tab.

    • Click the Network Activity tab.

  2. Select Search > Edit Search.
  3. Click Manage Groups.
  4. Select the group that you want edit.
  5. Click Edit.
  6. Edit the parameters:
    • Type a new name in the Name field.

    • Type a new description in the Description field.

  7. Click OK.

Copying a Saved Search to Another Group

You can copy a saved search to one or more groups.

  1. Choose one of the following options:
    • Click the Log Activity tab.

    • Click the Network Activity tab.

  2. Select Search > Edit Search.
  3. Click Manage Groups.
  4. Select the saved search that you want to copy.
  5. Click Copy.
  6. On the Item Groups window, select the check box for the group you want to copy the saved search to.
  7. Click Assign Groups.

Removing a Group or a Saved Search from a Group

You can use the Remove icon to remove a search from a group or remove a search group.

When you remove a saved search from a group, the saved search is not deleted from your system. The saved search is removed from the group and automatically moved to the Other group.

You cannot remove the following groups from your system:

  • Event Search Groups

  • Flow Search Groups

  • Offense Search Groups

  • Other

You cannot remove Event Search Groups from your system.

  1. Choose one of the following options:
    • Click the Log Activity tab.

    • Click the Network Activity tab.

  2. Select Search > Edit Search.
  3. Click Manage Groups.
  4. Choose one of the following options:
    • Select the saved search that you want to remove from the group.

    • Select the group that you want to remove.

  5. Click Remove.
  6. Click OK.