Could you just confirm - does the "IGNORE_FIELDS" setting take effect before the logs are collected, or once they are written to the log file locally?
If I understood the code correctly, they are filtered out when the opsec connection is initiated, and just aren't sent back to the collecting device - correct?
Hi,
Could you just confirm - does the "IGNORE_FIELDS" setting take effect before the logs are collected, or once they are written to the log file locally?
If I understood the code correctly, they are filtered out when the opsec connection is initiated, and just aren't sent back to the collecting device - correct?
Thanks, James