•Computer - The name of the computer on which this event was logged by DeviceLock Service. This field is case-insensitive.

•Server - The name of the computer running DeviceLock Enterprise Server that received the event from DeviceLock Service. This field is case-insensitive.

•Event ID - The ID number of the event. To enter multiple numbers, separate them with a semicolon (;).

•Generated Date/Time - The time range settings to filter events by time they were logged by DeviceLock Service.

•Received Date/Time - The time range settings to filter events by time when DeviceLock Enterprise Server received them from DeviceLock Service.

•Consolidation - The fields to filter by log consolidation-related data (see Consolidating Logs):

•Server - The name of the remote server from which the event was last received during log consolidation. This field is case-insensitive, and allows the use of wildcards (* and ?). To enter multiple values, separate them with a semicolon (;).

•From, To - The time range settings to filter events by time they were last received from the remote server during log consolidation.

•From - The beginning of the time range. Possible values:

•First Event - Filter starting with the earliest date and time in the respective log field.

•Events On - Filter starting with a particular date and time.

•To - The end of the time range. Possible values:

•Last Event - Filter ending with the latest date and time in the respective log field.

•Events On - Filter ending with a particular date and time.

•Filter conditions are combined by AND logic, that is, a given record matches the filter if it matches each of the filter conditions. Clear the fields that are not to be used in the filter conditions.

•Filter string fields may include wildcards, such as an asterisk (*) or a question mark (?). An asterisk represents zero or more characters; a question mark represents any single character.

•A filter string field may include multiple values separated by a semicolon (;). In this case, the values are combined by OR logic, that is, a given record matches the filter condition on a particular field if it matches at least one of the values specified in that field.

•The Clear button in the Filter dialog box provides the option to remove all the defined filter conditions and start setting up a new filter from scratch.

•The Save and Load buttons in the Filter dialog box are used to save the filter conditions to a file and to load previously saved filter conditions from a file.

•The filter is applied to the data shown in the event list columns. Since the Name, Reason and Information columns may include device descriptions, the filter may cause the list to include (or exclude) devices whose description matches the filter condition in the Name, Reason or Information field.

•An event satisfies the filter condition if any part of the Name, Reason or Information column data matches the respective filter field. For example, events with USB device (USB-Admin), USB device (Admin) or USB device (Administrator) in the Name column match the filter condition with Admin specified in the Name field.

•As applied to device descriptions in the Name, Reason or Information column, wildcards such as * or ? function as separators in the respective filter fields. An event matches the filter if any part of the column data matches any part of the filter data separated by a wildcard. For example, events with a device description in the Name column that includes Admin or User, such as USB device (Administrator) or USB device (USB-User), match filter conditions that have User*Admin specified in the Name field.