Security event filters use regular expressions to limit the number of events that are returned and displayed on the Network IPS appliance.
Regular expressions are sets of symbols and syntax that are used to search for text that matches specific patterns.
Regular expressions search all columns in the security events list. If you search for http.*, for example, the search returns all events that match the http protocol column and all events that begin with http.