This search has completed and has returned 124,758 results by scanning 135,534 events in 6.858 seconds This search has completed and has returned 311,256 results by scanning 343,584 events in 13.057 seconds This search has completed and has returned 124,758 results by scanning 135,534 events in 6.974 seconds eventtype=qualys_vm_detection_event NOT () I had to add some parentheses around the subsearch. Next up is I really like the elegance of this solution. This search has completed and has returned 311,256 results by scanning 343,584 events in 18.323 seconds This search has completed and has returned 124,758 results by scanning 135,534 events in 10.319 seconds When I tried regex trick, it didn't filter anything out. This search has completed and has returned 311,256 results by scanning 343,584 events in 13.116 seconds This search has completed and has returned 124,758 results by scanning 135,534 events in 6.986 seconds This search has completed and has returned 343,584 results by scanning 343,584 events in 13.817 seconds This search has completed and has returned 135,534 results by scanning 135,534 events in 7.27 seconds Tests were done in the evening with no other users on the SH.įirst a control. ![]() I'm running v6.6.3 on a stand alone search head with 3 indexers. So I built a query for all the options above and ran them over a 24 hour period using Fast Mode. Wow, look at all the options! This required some testing! So I have Qualys data and was sent a list of 43 QIDs they want filtered out.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |