I have looked around, but not found any help.
I have a live view of the web filtering logs open.
I only want to show actions that are block or blocked.
I thought it used regex to do this. I tried:
(\W|^)blocked(\W|$) and (\W|^)block(\W|$)
Neither had any affect.
I also tired just the word block and blocked. I hit enter at the end of each keyword and regex entry.
I have tried the latest versions of Chrome and Firefox. The UTM is up to date. The Filter has never done anything for me.
Can anyone please explain this to me?
Also, is there a good way to parse Sophos logs? They do not use a csv format or any other easy to parse format that I can see. I do a lot in Excel...
Thanks,
C68
This thread was automatically locked due to age.
