I am looking for a solution where we can create a much more advanced and complex exclusion list.
I was reading and Sideload seems to be of help.
Please consider this simplified use case (for brevity only 3 hosts, but in production there are hundreds of hosts):
We have 3 hosts:
3 target processes to exclude from alerting:
Exclude Process_31 on Host_1 from alerting.
Exclude Process_42 on Host_2 from alerting.
Host_3 would alert on both.
Example of Sideload directories:
How to handle this in the yml file:
I could think of the following, but it does not work and alerts on all processes.
Would love to hear if anyone has any idea.