cancel
Showing results for 
Search instead for 
Did you mean: 

WMI Event logs

Jump to solution

The basic screen for configuring a WMI Event Log data source looks following:

http://oi48.tinypic.com/19371x.jpg

@ Event Logs, you only can collect logs from SYSTEM, APPLICATION, SECURITY.

I'm also interested in other logs but i'm unable to add them next to those 3.

Anyone could help me out?

1 Solution

Accepted Solutions
jaimen
Level 9
Report Inappropriate Content
Message 7 of 7

Re: WMI Event logs

Jump to solution

The event logs section is simply a comma seperated list of logs you want to collect.  It is notlimited to those 3 logs.  Simply add the other logs in the Windows Log viewer you wish to collect.

For example in addition to Application, Security and System, some systems have Setup, Internet Explorer, Sql Server, Or Forwarded event logs.  You can add those to the list seperated by commas.

6 Replies
artek
Level 11
Report Inappropriate Content
Message 2 of 7

Re: WMI Event logs

Jump to solution

Hi,

you could go to the registry: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog -  there you can find the proper names of the Event groups.

Or - you can install the McAfee Event Collector, add new group, then host and WMI configuration - to display all possible options.

Regards,

Artur Sadownik

Re: WMI Event logs

Jump to solution

That helped a lot.

Which solution do you personally suggest?

I've been struggling with the McAfee Event Collector.

http://oi47.tinypic.com/1zmc8qs.jpg

I don't know what to fill in at: "other account".

Do I have to set it up first on the receiver itself?

artek
Level 11
Report Inappropriate Content
Message 4 of 7

Re: WMI Event logs

Jump to solution

Wulfios - you should to use windows credentials, working on the Windows machine, from whom you are going to collect a logs. For example:

Account: domain\administrator

or: hostname\adminnistrator

and the proper password for that user.

Regards,

Artur Sadownik

Re: WMI Event logs

Jump to solution

I've tried all possible combinations and still getting the "no hosts have been configured ..." error.

I'm 100% sure i'm logging in with the correct credentials.

Message was edited by: wulfios on 3/26/13 5:24:18 AM CDT
artek
Level 11
Report Inappropriate Content
Message 6 of 7

Re: WMI Event logs

Jump to solution

Wulfios - did you configure group and host before validating the credentials?

Regards,

Artur

jaimen
Level 9
Report Inappropriate Content
Message 7 of 7

Re: WMI Event logs

Jump to solution

The event logs section is simply a comma seperated list of logs you want to collect.  It is notlimited to those 3 logs.  Simply add the other logs in the Windows Log viewer you wish to collect.

For example in addition to Application, Security and System, some systems have Setup, Internet Explorer, Sql Server, Or Forwarded event logs.  You can add those to the list seperated by commas.