R
Roger_That
I have configured a source-based subscription on a Windows 2016 Server for non-domain computers from another domain.
I have setup the local account and mapped it to authenticate the certificates.
I have configured 3 computers to Forward Logs to the WEC Server using HTTPS on Port 5986
The Subscription shows it is Active and shows 3 Source computers
I can run a PCAP on both the source workstations and the WEC server and see that they are communicating.
However, I am not seeing any logs in the "Forwarded Events" Log on the WEC Server
Continue reading...
I have setup the local account and mapped it to authenticate the certificates.
I have configured 3 computers to Forward Logs to the WEC Server using HTTPS on Port 5986
The Subscription shows it is Active and shows 3 Source computers
I can run a PCAP on both the source workstations and the WEC server and see that they are communicating.
However, I am not seeing any logs in the "Forwarded Events" Log on the WEC Server
Continue reading...