To find records in the logs that shows log records from the Application & URL Filtering Software Blade where traffic was blocked, what would be the query syntax?
A. blade: application control AND action:block
B. blade; "application control" AND action;block
C. (blade: application control AND action;block)
D. blade: "application control" AND action:block
|
Download Printable PDF. VALID exam to help you PASS. |
 |
Examples:
blade:”application control” AND action:block
Shows log records from the Application & URL Filtering Software Blade where traffic was blocked.
192.168.2.133 10.19.136.101
Shows log entries that match the two IP addresses. The AND operator is presumed.
192.168.2.133 OR 10.19.136.101
Shows log entries that match one of the IP addresses.
(blade:Firewall OR blade:IPS OR blade:VPN) AND NOT action:drop
Shows all log entries from the Firewall, IPS or VPN blades that are not dropped. The criteria in the parentheses are applied before the AND NOT criterion.
source:(192.168.2.1 OR 192.168.2.2) AND destination:17.168.8.2
Shows log entries from the two source IP addresses if the destination IP address is 17.168.8.2. This example also shows how you can use Boolean operators with field criteria.