Does the given credentials of a Windows device have permission for log collection?

Does the given credentials of a Windows device have permission for log collection?


Case 1: The account is a local administrator or a domain administrator.  

The credentials will, by default, have the required permissions.

 

Case 2: The account is a non-admin domain user.  

  1. Provide the non-admin domain user with the required permissions. Learn how here.

  2. Verify the credentials using WBEMTEST. Learn more about WBEMTEST.

  3. Open the ELA_HOME\troubleshooting\invokeWBEMTEST.bat file using administrator privileges.

  4. Click Connect, provide credentials of the Windows device, and click Connect once again.

                         a. Sometimes log collection fails when the device name is used but succeeds when using the IP address or Fully                 Qualified Domain Name (FQDN). If connection fails, try connecting using the IP address or FQDN.

  5. Once connected, click Query and try the following queries:
              a. Select CurrentTimeZone, Version, Name from Win32_OperatingSystem
              b. Select * from win32_ntlogevent

These queries should be completed for EventLog Analyzer to successfully collect logs from the Windows device.





      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                      Related Products