Document the max number of IDs that can be used for filtering per ins…

…tance (#9749)

* document event id filtering limitation

* changed wording up a bit

* changed wording up a bit

* Update win32_event_log/datadog_checks/win32_event_log/data/conf.yaml.example

Co-authored-by: Jorie Helwig <[email protected]>

* Update win32_event_log/datadog_checks/win32_event_log/data/conf.yaml.example

Co-authored-by: Jorie Helwig <[email protected]>

* edit spec to include new note in conf.yaml.example

* edit spec to generate new config template

Co-authored-by: Jorie Helwig <[email protected]>

win32_event_log/assets/configuration/spec.yaml

@@ -107,6 +107,10 @@ files:
           - type > https://docs.microsoft.com/en-us/windows/win32/eventlog/event-types
           - id > https://docs.microsoft.com/en-us/windows/win32/eventlog/event-identifiers
 
+          /\ WARNING /\
+          Due to a limitation in the Windows events API, the maximum filtering on event IDs is 20 IDs per instance.
+          Because of this, you may need to split the ID filtering into multiple instances.
+          
         For advanced and more granular filtering, define a `query`.
 
         If `filters` nor `query` is specified, then all events from the subscribed `path` will be collected.

win32_event_log/datadog_checks/win32_event_log/data/conf.yaml.example

@@ -99,6 +99,10 @@ instances:
     ##   - type > https://docs.microsoft.com/en-us/windows/win32/eventlog/event-types
     ##   - id > https://docs.microsoft.com/en-us/windows/win32/eventlog/event-identifiers
     ##
+    ##   /\ WARNING /\
+    ##   Due to a limitation in the Windows events API, the maximum filtering on event IDs is 20 IDs per instance.
+    ##   Because of this, you may need to split the ID filtering into multiple instances.
+    ##   
     ## For advanced and more granular filtering, define a `query`.
     ##
     ## If `filters` nor `query` is specified, then all events from the subscribed `path` will be collected.