3 Replies Latest reply on Aug 1, 2017 2:14 PM by banipal

    Ignoring/Dropping certain log events


      Could someone please point me to some documentation for how to do this?  I want to ignore certain log messages coming from a designated source agent.  I've been scratching my head over this for hours.  We have some file audit logs that are writing log messages at a rate of hundreds per second and I need to drop some of them.


      So, just to be clear, I'm not talking about alerting or filtering or anything like that.  I want the LEM to drop the log message and never store it on disk based on the specified criteria.  Ideally, it would be helpful if there were a way to tell the remote agent to never send specific log messages based on specified criteria.  I don't want to drop all messages from the agent, just ones matching some kind of criteria.


      Any help appreciated.  Thanks!


      -- Andy