I have certain logs that I would like to keep on a node that I don't want to keep in SEM. For example, I would like SEM to monitor the System log in Windows Server. I would like SEM to ignore anything marked "Information" and log everything else. Is there a way to do this?
Everything I have found indicates I should instead tell Windows to drop the log. I don't want to do this, but I am willing to if it is the only way. However, the group policies that Solarwinds points to are not granular enough to do what I am trying to do.
All I want is the ability to tell SEM to ignore certain logs. It seems like it would be an obvious action to include in the Rules section, but I don't see anything like it.