Cannot create events based on "sys

Support Center > Search Results > SecureKnowledge Details

Cannot create events based on "sys_message:" filter

Technical Level

Solution ID	sk119995
Technical Level
Product	Quantum Security Gateways
Version	R77.30 (EOL), R80.10 (EOL), R80.20 (EOL)
Date Created	16-Aug-2017
Last Modified	12-May-2019

Symptoms

Creating events based on "sys_message:" filter fails with:

Origin: [IP address] Time: [DATE TIME] 
Flags: 0x140 Interface: "daemon" 
Direction: inbound Action: null ['sys_message:': "installed Standard"]
sys_message has : within the ''

When adding ":" to the sys_message field in SmartEvent, it fails with "illegal character" message.

Solution

Note: To view this solution you need to Sign In .