Is there any way to filter, or search for a specific Event ID. I know there is a Magnifying glass icon next tot he Event ID field, not sure what this is for, it does not seem to have a function.
What type of Event ID did you have in mind? The product assigns every parsing and correlation rule to an internal Signature ID, but there are other things, like Windows Event IDs and Events IDs from other products that can be parsed. Thanks.
Ahh, that one. That ID is actually unique to the database record that holds that events and does not pertain to the event itself. Every record will generate a unique one of these ID's. Thanks.