Hello, I created an Elastic agent policy to attach it few hosts and while creating it - I checked the Collect agent logs checkbox under Agent Monitoring section.
Now in the events in discover tab, I see dataset as "elastic_agent.filebeat" displayed and events are getting created. There are certain events that I would like to drop and not track as part of this agent integration. How can I drop those events with Elastic Agent Integration enabled and monitoring everything on the host by default. Is there a way to achieve this ?
I am asking since Elastic Agent Integration are automatically created when the policy is created and I could not find a way to drop events for the default Elastic Agent policy in the documentation. Any insights?