Troubleshooting Windows remote Event/Log Collection.(IBM Wincollect, Logrhythm SMA)
Contents Introduction 1. Connect remotely from EventViewer 2. Check Network Connection 3. Check Account Permissions 4. Check Local Firewall 5. Check Auditing Introduction Below are troubleshooting steps that can be followed to identify and fix the issues. 1.Connect remotely from Eventviewer From Wincollect/SMA connect to remote computer using Event Viewer: In the Event Viewer console, right-click Event Viewer (Computer name), where computer name is the name of the computer you are connected to. Select Connect to Another Computer. Type the computer name of the other computer, e.g. GBR-DC1, and check the box Connect as another user: <none>. Now you can provide the credentials for a user that has access to the remote computer, e.g. GBR.local\SVC_ACNT. You will be able to see the logs on remote computer after this step, or will see an error if you see error follow below steps. 2.Check network connection Check if below ports are open from W...