Field Comparisons with Variable or Static Values

For any field comparison, a drop-down menu of variables is provided for the right side of the statement. Or you can type a value here.

The CCE provides a field comparison ability that allows you to compare one field to another field (for example, AttackerHostName = AttackerUserName). This functionality is available on the Console wherever the CCE is available (in Rules, Reports, Filters, and so on). If the fields you are comparing are numeric, the fields can be of different numeric types, for example, a long type compared to a floating point type.

Left-side event attributes can be compared to right-side conditions (represented as variables or static values) using operators like equals (=), is not equal to (!=), is less than or equal to (<=), is greater than or equal to (>=), is less than (<), is greater than (>), and so forth (see Logical Operators).

Micro Focus Security Community
All Documentation
Support
Education
Send Us Feedback

Close

We welcome your comments!

You can either:

Open an email window.

Or copy the information below to an email client and send the email to Documentation-Feedback@microfocus.com.

Help Topic ID:

Product:

Topic Title:

Feedback: