To whom it may concern,
For my given use case, I collect syslogs which help identify unusual behavior on our systems. On occasion, however, our InfoSec team runs vulnerability scans (etc.) and our Elasticsearch server gets overwhelmed by the massive amounts of logs generated. For this purpose I would like to exclude from indexing any logs that contain a particular static IP.
Any ideas or suggestions are welcome.