|
|
| Subject: | get the "user" value in Windows Event Details |
| Author: | [Not Specified] |
| Posted: | 2016-05-03 01:50 |
How to use transform scriptto get the "user" value in Windows Event Details collected by Zenoss
For Event ID Microsoft-Windows-ActiveDirectory_DomainService_2896, I would like to drop the event if the user value is of account "system"
version: 4.2.4 Zenoss core
| < |
Previous Can someone explain how adding new roles works in Zenoss Core 5? |
Next Event summary vs Event message and the Core Admin guide discussion |
> |