I'm looking to grab individualized severity levels in a filter. Anyone know a way to go about this intelligently?
Ideally I'd have a user generated filter group that says "Severity" then underneath of it I would have a filter for Level 0, Level 1, Level 2, etc. (I'll be more concerned with Level 6 & 7 since apparently I'm moonlighting as a Security guy these days too - who knew?! )
OR do I need to add all Event Types and specify the Severity Field = 0 etc. and make a giant monster filter? Anyone even try this or have I gone off the deep end of the LEM diving board?
Thanks!
