Send Knowledge Base Article
The article has been sent to your inbox successfully.
We never share your data
How to filter out specific events from being monitored by the Logon Reporter software?
filter out specific events omit
KB1189 | Last review: Jul 14, 2017 | Netwrix Logon Reporter | 2.0 and above
|Question||How to filter out specific events from being monitored by the NetWrix Logon Reporter software.|
|Answer||There is ExcludeFilter.txt file in the Netwrix Logon Reporter installation folder.
This file contains a list of event parameters indicating that an event should be omitted from reports and email Detail Reports.
The event that has any of the parameters specified in this file will be omitted.
The following parameters can be specified: Computer, EventID, User, SID, UserDomain, UserName.
One entry per line is accepted in the following format: parameter:value
For example, if you want to omit all events generated by user jsmith, add the following line:
Wildcard (*) can be used to replace any number of symbols.
Few useful examples:
NOTE: If your Netwrix Logon Reporter installation directory does not contain the ExcludeFilter.txt file, please contact Netwrix Technical Support team to get the most recent version of the program.
Was this information helpful?