So LEM has some REAL good details when you ask it for things.
But this guy with all the text all over the place makes things sometimes hard to read - is there any way anyone knows to format it so like all the fields align on the left?
So - what I'm envisioning this to look like is something like:
Event Name: data
EventInfo: data
InsertionIP: 0.0.0.0
Manager: data
DetectionIP: 0.0.0.0
InsertionTime: datatimestamp
DetectionTime: datatimestamp
Severity: severitycodedata
ToolAlias: data
so on and so forth... or is this a weird "Jeremy, you set it up wrong" type deal?
I mean I realize trunking the data you can fit a bit more on each line in that results panel and that theoretically you "could" be sorting via the search tool to refine or is that more the point?
It'd be pretty cool if there were some toggle switches on the results panel too where you could hide certain fields - which might eliminate some of the "noise" (Ok - it's not really noise but if I'm looking for SourceMachine:A going to DestinationMachine:B on DestinationPort: 5656 I might not really want to know about severity or toolalias at that super-specific point in time that someone is breathing down my throat to find - only to find out LEM isn't looking at A or B *NOT A REAL STORY, I SWEAR)