Versions Compared

Old Version 16

changes.mady.by.user Customer Success & Engineering (Unlicensed)

Saved on

compared with

New Version 17

changes.mady.by.user Customer Success & Engineering (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

On the collector computer, type the following command on command prompt:

1. >>  wecutil qc

Now create a New Subscription

2>>  On the collector computer in search box, run Event Viewer as an administrator.

3  >>  Click Subscriptions in the console which is situated in the left side

4  >>  Start Windows Collector Service

If the Windows Event Collector service is not started, you will be prompted to confirm that you want to start it. This service must be started to create subscriptions and collect events. You must be a member of the Administrators group to start this service.

5  >>  On the actions menu, in right side click on the create subscription.

6  >>  In the Subscription Name box, type a name for the subscription

7  >>  In the Description box, enter an optional description.

8  >>  In the Destination Log, select the log file with help of dropdown where collected events are to be stored. Please make sure that the collected events are stored in the "System" log.

>>  now click on select computers from which events are to be collected

Image Removed

Now put the computer name one by one

Image Removed

10  >> After adding a computer, you can test connectivity between it and the local computer by selecting the computer and clicking Test.

11  Click on "Advanced ">> Select "Specific User">>Enter the credentials of the admin user of the Collector system.

Image Removed

12 Click Select Events to display the Query Filter dialog box. Use the controls in the Query Filter dialog box to specify the criteria that events must meet to be collected.

In the "Event Level part", click on all critical, warning, verbose, error and information for all events.

Also, select the "By log" option, and then choose

Image Added

>> Now click on the add domain computer

Image Added

>> In object name put your computer name one by one

Image Added


>> Now click on select events

Image Added

>> and click on all the events Critical, Warning, Verbose, Error, Information 

Image Added

>> After that drop down the events logs and in envent logs follow this path microsoft-windows-DriverFrameworks and click on the ok
 choose "Windows Log" in the dropdown.for the Application and Services -

1. Click on + next to Application & Services:

...

4. Check the box next to "DriverFrameworks-UserMode"


Image RemovedImage Added

>>Then click on the advance tab

Image Added


>> Select "Specific User" and then click on user name and password

Image Added


>> And put the username and password with the admin privilege

Image Added


Click OK.

13

 >> Click OK on the Subscription Properties dialog box. The subscription will be added to the Subscriptions pane.

To check the status,

Right click on the Subscription name, select "runtime status". if the operation was successful, the Status of the subscription will be Active.

...