USM Anywhere enables you to search for events from the details of an alarm using the selected value as a filter in the search.
The HTTP Hostname or the DNS RR Name fields
All alarms that include the fields HTTP Hostname or the DNS RR Name give you the option of searching for events by using these fields. The alarm needs to include these fields.
To configure the HTTP Hostname or the DNS RR Name filters
- Go to Activity > Alarms.
- In the upper-left side of the page, click the Configure Filters link.
- In the search filters box, enter HTTP or DNS and select the desired filter.
- Use the
and 
icons to pass the items from one column to the other. - Click Apply.
The selected filters display.
To use the search pivot in the HTTP Hostname or the DNS RR Name fields
- Go to Activity > Alarms.
- Click an alarm that includes the fields HTTP Hostname or the DNS RR Name to see its details.
- Click the
icon located next to the asset name in one of these fields. - Choose a date range:
- Last 24 hours: Run the search in the last 24 hours.
- Custom Range: Customize a range and narrow it to delimit your search per minutes and seconds.
- Click Find in events to display the events list page with the specific events.
Searching for Events by Using the Source or Destination Fields
USM Anywhere gives you the option of searching for events by using the Source or the Destination fields.
To search for events using the Source field
- Go to Activity > Alarms.
- Click an alarm to see its details.
- Click the icon next to the Source field.
- Choose a date range:
- Last 24 hours: Run the search in the last 24 hours.
- Custom Range: Customize a range and narrow it to delimit your search per minutes and seconds.
- Click one of these links:
- Find Source in Events: Use this link to search events having the same source as the alarm.
- Find Source & Destination in Events: Use this link to search events having the same source and destination as the alarm.
The result of your search displays with the filters applied.
Feedback