Update transforms.conf

Vagrant/resources/splunk_server/transforms.conf

@@ -23,3 +23,15 @@ FORMAT = nullQueue
 REGEX = "Script\sName\s=\sC\:\\Program Files\\AutorunsToWinEventLog\\AutorunsToWinEventLog.ps1"
 DEST_KEY = queue
 FORMAT = nullQueue
+
+[removeEventDesc1]
+LOOKAHEAD = 20000
+REGEX = (?msi)(.*)This event is generated
+DEST_KEY = _raw
+FORMAT = $1
+
+[removeEventDesc2]
+LOOKAHEAD = 20000
+REGEX = (?msi)(.*)The subject fields indicate
+DEST_KEY = _raw
+FORMAT = $1