Exclude event that endpoint security send to elasticsearch

Hi all
i have been trying elastic agent endpoint for sometime.
So i notices that endpoint mornitor for file is really large. like it logs even when i create a file and tmp file which can generate a lots of logs that is unnecessary for me and also can be a lots for our data node which has already max out its capacity.
If any one recommend to delete the data. I cant because i need to retain those data for future investigation if needed.
I want to simply exclude the type of data that endpoint will logs and send to elastic.
Thanks all for your time.

Hi @lusynda

This type of thing is already on our roadmap. It's nice to see some validation that it would be useful in the real world.

1 Like

Great to know that.
So can i get to see that roadmap to get a ideal of what to expect.

1 Like

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.