How to Exclude System Account From Event Log
Questionβ
In some cases, for example, if an Antivirus running under the SYSTEM account generates multiple events and saturates the Windows logs, you might want to exclude the SYSTEM account from being shown in the Windows Event Logs or got monitored at all.
This article answers the question on how to exclude the SYSTEM account from logs.
Answerβ
You can do that in two ways:
- Set a filter for the
SYSTEMaccount to not show in the event logs. Learn more in Windows Event Viewer β How to Filter Events βΈ± Microsoft π€ - Change the audit policy for the
SYSTEMaccount to not get monitored. Learn more in Windows Event Viewer βΈ± Microsoft π€