Configure and apply a filter

You can configure and apply separate filters for events and activity. A Filter Editor is available in each report. When you navigate to any part of the page, the filter is always available at the top of the page.

Depending on the type of events or activity you filter, different data is available to configure the filter.

To learn about other methods that are available to filter data and narrow the list of events, see Filter Event Data.

The steps in this procedure apply to the Enterprise Center interface.

How to

  1. In the Enterprise Center navigation menu, go to an events or activity report.
    • For threat or access control events, select Threat Analytics > Events. Select the event report.
    • For activity, select Threat Analytics > Activity. Select the activity report.
  2. To filter events based on date and time, see Filter data based on date and time.
  3. Click the filter icon and then click Add filter Dimension.
  4. In the menu, select a dimension.
  5. Select Include or Exclude to include or exclude data that’s specific to the selected dimension.
  6. In the menu, select the specific data that you want to include or exclude in the filter. For example, if you selected Category, select the specific category that you want to exclude or include.
  7. If you want to add more data to the filter, click the text box. The menu where you can select data appears again. Select the data that you want to include or exclude in the filter.
  8. Click OK. The report with filtered data appears.

Next steps

To add specific event or activity data to your filter, see Add event or activity data to a filter. If you are adding data to a filter in the Identity Provider Activity report, see Add identity provider activity data to a filter.