I am using Splunk to send log source data to QRadar and need to find a way to filter out certain unwanted log events. Do you know of a way to filter out unwanted log events?
FYI - I am sending the log data to QRadar via our 5 indexers.
Take a good look at this:
And if you need more information see this other doc too: