Windows Device
Does the given credentials of a Windows device have permission for log collection?
Case 1: The account is a local administrator or a domain administrator. The credentials will, by default, have the required permissions. Case 2: The account is a non-admin domain user. Provide the non-admin domain user with the required permissions. ...
Enabling historic log collection in EventLog Analyzer
EventLog Analyzer collects all the logs present in the Windows Event Viewer (i.e., Windows Logs > Application, Security, System) when the historic log collection option is enabled. To enable historic log collection, follow the steps below: Navigate ...
Windows device status: Access denied
The Access denied error indicates that the user account dedicated for log collection does not have the necessary access and permissions to collect logs from the respective devices. There are two approaches to fixing the error: Using a domain admin ...
Windows device status: RPC server is unavailable
The RPC server is unavailable error will be displayed in the device status field if there isn’t any communication between the EventLog Analyzer server and the respective machine from which the logs should be collected. This lack of communication ...
Configuring event sources
Follow the step-by-step procedure below to configure event sources in EventLog Analyzer. To start with, ensure that the following ports and protocols are available for configuring the event source. Port 139 and 445: SMB and Remcom protocols 135, 137, ...