adepasquale
commented
7 years ago This part of the code was written by the FW1-LogGrabber v1 original authors.
To me, it looks like the filtering is done on the processing side, once the log files are written locally.
Hi,
Could you just confirm - does the "IGNORE_FIELDS" setting take effect before the logs are collected, or once they are written to the log file locally?
If I understood the code correctly, they are filtered out when the opsec connection is initiated, and just aren't sent back to the collecting device - correct?
Thanks, James