I'm just starting out with Splunk and had a question about the canned reports. In the *nix app, if you go to "Log Files" -> "Errors and Warnings", there are many false positives. It seems to be picking things up like "--error-log=" for mysql in my ps command and "Removing old error log entries..." in other log files.
Is there an easy way to edit these reports so that I can exclude certain terms?