01-07-2009 02:03 PM
When I pull Windows Logs, I am not getting application logs, it seems like we are getting the Security logs only. I have 6.02. What causes this, and how do we capture the Application Logs?
01-15-2009 02:54 PM
Once you've prepared the Microsoft Windows host, you must identify that host in MARS and identify whether the push or pull method is being used on that host.
To configure the MARS Appliance to either pull or receive logs, follow the steps in the below URL:
01-20-2009 07:09 AM
Personally, I would recommend the snare agent and push method for handling the Windows logs. By doing this you can filter out which events you want to send from the different Event Logs and avoid sending extraneous events.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide