Skip to content
Skip to content
Gooseleggs Site

Ramblings

← Remove security headers from HTTP responses
Teamviewer quick link →
-->

Event Log XML Filtering

Posted on June 16, 2019 by admin

Been doing a lot with Elastic Stack and log ingestion. I had a very basic configuration file for NXlog for grabbing security events. However, I was getting lots of eventlogs into ElasticStack that I was not filtering on. So, as always, better to filter at the beginning and not at the end. I used this blog to help me understand my filtering a lot better. This in turn reduced my number of events going into ElasticStack

https://blogs.technet.microsoft.com/askds/2011/09/26/advanced-xml-filtering-in-the-windows-event-viewer/

This entry was posted in Uncategorized. Bookmark the <a href="https://www.thesmithcave.nz/?p=259" title="Permalink to Event Log XML Filtering" rel="bookmark">permalink</a>.
← Remove security headers from HTTP responses
Teamviewer quick link →

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

© 2025 | Blog info WordPress Theme | By Bharat Kambariya