microsoft · zanejohnson-azure · May 13, 2026 · rashmichandrashekar · May 14, 2026 · zanejohnson-azure
@@ -11,10 +11,10 @@
 @configSchemaVersion = ""
 # Setting default values which will be used in case they are not set in the configmap or if configmap doesnt exist
 @collectStdoutLogs = true
-@stdoutExcludeNamespaces = "kube-system,gatekeeper-system"
+@stdoutExcludeNamespaces = "kube-system,gatekeeper-system,azuresecuritylinuxagent"
 @stdoutIncludeSystemPods = ""
 @collectStderrLogs = true
-@stderrExcludeNamespaces = "kube-system,gatekeeper-system"
+@stderrExcludeNamespaces = "kube-system,gatekeeper-system,azuresecuritylinuxagent"
 @stderrIncludeSystemPods = ""
 @collectClusterEnvVariables = true
 @logTailPath = "/var/log/containers/*.log"
@@ -187,12 +187,12 @@ def parseConfigMap
       return parsedConfig
     else
       puts "config::configmap container-azm-ms-agentconfig for settings not mounted, using defaults"
-      @excludePath = "*_kube-system_*.log"
+      @excludePath = "*_kube-system_*.log,*_azuresecuritylinuxagent_*.log"
       return nil
     end
   rescue => errorStr
     ConfigParseErrorLogger.logError("Exception while parsing config map for log collection/env variable settings: #{errorStr}, using defaults, please check config map for errors")
-    @excludePath = "*_kube-system_*.log"
+    @excludePath = "*_kube-system_*.log,*_azuresecuritylinuxagent_*.log"
     return nil
   end
 end
@@ -575,7 +575,7 @@ def populateSettingValuesFromConfigMap(parsedConfig)
   if (File.file?(@configMapMountPath))
     ConfigParseErrorLogger.logError("config::unsupported/missing config schema version - '#{@configSchemaVersion}' , using defaults, please use supported schema version")
   end
-  @excludePath = "*_kube-system_*.log"
+  @excludePath = "*_kube-system_*.log,*_azuresecuritylinuxagent_*.log"
 end
 
 # Write the settings to file, so that they can be set as environment variables

@@ -20,10 +20,10 @@ data:
           # In the absense of this configmap, default value for enabled is true
           enabled = true
           # exclude_namespaces setting holds good only if enabled is set to true
-          # kube-system,gatekeeper-system log collection are disabled by default in the absence of 'log_collection_settings.stdout' setting. If you want to enable kube-system,gatekeeper-system, remove them from the following setting.
-          # If you want to continue to disable kube-system,gatekeeper-system log collection keep the namespaces in the following setting and add any other namespace you want to disable log collection to the array.
-          # In the absense of this configmap, default value for exclude_namespaces = ["kube-system","gatekeeper-system"]
-          exclude_namespaces = ["kube-system","gatekeeper-system"]
+          # kube-system,gatekeeper-system,azuresecuritylinuxagent log collection are disabled by default in the absence of 'log_collection_settings.stdout' setting. If you want to enable kube-system,gatekeeper-system,azuresecuritylinuxagent, remove them from the following setting.
+          # If you want to continue to disable kube-system,gatekeeper-system,azuresecuritylinuxagent log collection keep the namespaces in the following setting and add any other namespace you want to disable log collection to the array.
+          # In the absense of this configmap, default value for exclude_namespaces = ["kube-system","gatekeeper-system","azuresecuritylinuxagent"]
+          exclude_namespaces = ["kube-system","gatekeeper-system","azuresecuritylinuxagent"]
           # If you want to collect logs from only selective pods inside system namespaces add them to the following setting. Provide namepace:controllerName of the system pod. NOTE: this setting is only for pods in system namespaces
           # Valid values for system namespaces are: kube-system, azure-arc, gatekeeper-system, kube-public, kube-node-lease, calico-system. The system namespace used should not be present in exclude_namespaces
           # collect_system_pod_logs = ["kube-system:coredns"]
@@ -32,10 +32,10 @@ data:
           # Default value for enabled is true
           enabled = true
           # exclude_namespaces setting holds good only if enabled is set to true
-          # kube-system,gatekeeper-system log collection are disabled by default in the absence of 'log_collection_settings.stderr' setting. If you want to enable kube-system,gatekeeper-system, remove them from the following setting.
-          # If you want to continue to disable kube-system,gatekeeper-system log collection keep the namespaces in the following setting and add any other namespace you want to disable log collection to the array.
-          # In the absense of this configmap, default value for exclude_namespaces = ["kube-system","gatekeeper-system"]
-          exclude_namespaces = ["kube-system","gatekeeper-system"]
+          # kube-system,gatekeeper-system,azuresecuritylinuxagent log collection are disabled by default in the absence of 'log_collection_settings.stderr' setting. If you want to enable kube-system,gatekeeper-system,azuresecuritylinuxagent, remove them from the following setting.
+          # If you want to continue to disable kube-system,gatekeeper-system,azuresecuritylinuxagent log collection keep the namespaces in the following setting and add any other namespace you want to disable log collection to the array.
+          # In the absense of this configmap, default value for exclude_namespaces = ["kube-system","gatekeeper-system","azuresecuritylinuxagent"]
+          exclude_namespaces = ["kube-system","gatekeeper-system","azuresecuritylinuxagent"]
           # If you want to collect logs from only selective pods inside system namespaces add them to the following setting. Provide namepace:controllerName of the system pod. NOTE: this setting is only for pods in system namespaces
           # Valid values for system namespaces are: kube-system, azure-arc, gatekeeper-system, kube-public, kube-node-lease, calico-system. The system namespace used should not be present in exclude_namespaces
           # collect_system_pod_logs = ["kube-system:coredns"]