Yes, while this may be configurable at the log source (software writing to this log), it is more easily achieved within the Gravwell Windows Events ingester.
On the system running the Windows Events Ingester service, open the config file in a text editor of your choice; you'll find config.cfg in the following directory:
C:\programdata\gravwell\eventlog
To filter by log level, set the option Level=<value> in each log stanza, once for each level you wish to collect.
For example:
[EventChannel "system"]
    Tag-Name=windows
    Channel=System
    Level=critical
    Level=error
    Level=warning

[EventChannel "application"]
    Tag-Name=windows
    Channel=Application
    Level=information
NOTE: If the option Level=<value> is NOT set, logs of all levels will be collected.
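
An added example, not part of the original article or Gravwell's own tooling: a small Python check that reads a config in the layout shown above and lists which EventChannel stanzas have no Level option and therefore collect every level. The sample config (including its "security" stanza) and the function names are constructed for illustration, and it assumes that # or ; begins a comment line.

```python
import re

# Constructed sample in the layout the article shows; the "security" stanza
# is added here to illustrate a channel with no Level filter.
SAMPLE_CONFIG = """\
[EventChannel "system"]
    Tag-Name=windows
    Channel=System
    Level=critical
    Level=error
    Level=warning
[EventChannel "application"]
    Tag-Name=windows
    Channel=Application
    Level=information
[EventChannel "security"]
    Tag-Name=windows
    Channel=Security
"""

STANZA_RE = re.compile(r'^\[\s*EventChannel\s+"([^"]+)"\s*\]$', re.IGNORECASE)
OPTION_RE = re.compile(r'^([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*)$')


def levels_per_channel(text):
    """Map each EventChannel stanza name to the list of its Level values."""
    # Level may repeat within a stanza, so accumulate rather than overwrite.
    channels = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # assumed comment characters
            continue
        if line.startswith("["):
            m = STANZA_RE.match(line)
            current = m.group(1) if m else None  # ignore other section types
            if current is not None:
                channels.setdefault(current, [])
            continue
        m = OPTION_RE.match(line)
        if m and current is not None and m.group(1).lower() == "level":
            channels[current].append(m.group(2).strip().strip('"').lower())
    return channels


def unfiltered_channels(text):
    """Stanzas with no Level option: per the note above, these collect all levels."""
    return [name for name, levels in levels_per_channel(text).items() if not levels]
```

Run it against a copy of config.cfg after editing to confirm each stanza filters the levels you intended before restarting the service.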