Log Filtering Issues

Question asked by Carlos Santos on Jul 18, 2018
Hi everyone,


I'd like to post this query before I move to support, maybe I'm doing/assuming something wrong here.


So a very simple log filter query "domain"

Searching shows a lot of information...

Now let's use "domain-udp"

comparing domain with domain-udp, domain-udp is, to me, more specific than just domain, right? ...Wrong?

I would say, this is a typical WTF?! question, but as I said above, maybe I'm doing/assuming something wrong with this search filter.

I narrowed down the time to get the highlighted dropped domain-udp sessions from the previous search.

The only difference I notice is the log type: the geo drops are marked as "log" were as for the matched rules are type: connection, but still we have a drop in the middle that hits the clean-up rule 180.


Can anyone explain to me, or is this really a support issue?


Best regards,