Hi,
I've created a detection policy for FIM. I've also created a detection config that prevents transmission of certain events that I don't have any interest in. For example events related to backups.
My question is: Will these events be deleted automatically or do I need to make that happen with some sort of configuration change?
You need to set the Common config to delete the logs after processing. By default, they do not get deleted.
Common Config > Logging Tab > Delete Log Files After Processing
Then apply to the assets/asset group