Filter out "INFORMATIONAL" Messages to send to Loggly

Post a different question
2
responses

hi all
Fairly simple one i think
we send way too many "informational" Messages from a few of our Windows servers to Loggly
i want to simply stop sending those "informational" messages
any help would be appreciated
Dale

AskedNovember 4, 2020 - 11:22pm

Answer (1)

Hey Dale,

Filtering in NXLog is relatively straight forward. With Windows Event Log sources you have a couple options.

The NXLog way can be described in general here:
https://nxlog.co/documentation/nxlog-user-guide/filtering.html

More detail on filtering Event Log specifically can be found here:
https://nxlog.co/documentation/nxlog-user-guide/eventlog-filtering.html

This will show filtering within the XML Query as well as using the Exec Block to filter out events. Both ways work.

-Jesse

AnsweredNovember 8, 2020 - 10:32pm

Comments (1)