...
- Create a view that filters out all events coming from the Rule with the ID "WinEvtLog_unknown"
- Disable the rule "WinEvtLog_unknown", so those events will be dropped (or archived).
Further information
More information regarding Event Console is available on our:
Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...