Implementing Centralized Event Logs
The Implementing Centralized Event Logs module provides you with the instruction and Server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:
- Prepare Event Logs Subscription Prerequisites
- Configure Event Collector Subscription
- View Forwarded Event Logs
The following exam objectives are covered in this lab:
- Enable Windows Remote Management on computers that will forward event logs
- Configure event collector service on management console
- Create a subscription on event collector workstation
- View collected event logs on management console
It will take approximately 1 hour and 10 minutes to complete this lab.
Exercise 1 - Prepare Event Logs Subscription Prerequisites
Event logs generated by Windows Server computers or workstations can be managed collectively by setting up event log forwarding. Typically, a management workstation, such as one running Windows 10, is designated as the central collection point for event logs coming from Windows devices. This computer is the event collector computer and is configured with a subscription to collect event logs from other Windows devices in the same domain.
Windows servers or workstations that will forward event logs must allow incoming connections to their Windows Remote Management (WinRM) service. The subscription configured on the event collector computer then collects event logs from those Windows computers.
In this exercise, you will prepare the event subscription prerequisites on the event log forwarders and event collector workstation.
Exercise 2 - Configure Event Collector Subscription
After setting up the prerequisites on the event forwarders and event collector computer, you will configure the management workstation that will receive event logs from other computers.
Exercise 3 - View Forwarded Event Logs
In the previous exercise, you configured the subscription settings of the Event Collector workstation. In this exercise, you will test the event collector computer to verify that it receives the event logs of the remote servers.
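The three exercises above as one collector-initiated setup, written as an added example that is not part of the lab's own material. The function names, `LAB\COLLECTOR01$`, `server01.lab.example`, the subscription ID and the System-log filter are placeholder assumptions.

```powershell
# Added example. Run elevated. Placeholder names: LAB\COLLECTOR01$,
# server01.lab.example, Lab-System-Errors, and all three function names.

function Initialize-LabForwarder {      # run on each computer that forwards logs
    param([string]$CollectorAccount = 'LAB\COLLECTOR01$')
    winrm quickconfig -quiet            # start WinRM, create a listener, open the firewall
    # The collector connects as its computer account; grant it log read access only.
    Add-LocalGroupMember -Group 'Event Log Readers' -Member $CollectorAccount
}

function New-LabSubscription {          # run on the event collector
    param([string[]]$Sources = @('server01.lab.example'),
          [string]$Id = 'Lab-System-Errors')
    wecutil qc /q                       # configure the Windows Event Collector service
    $sourceXml = ($Sources | ForEach-Object {
        "    <EventSource Enabled=`"true`"><Address>$_</Address></EventSource>"
    }) -join "`n"
    # Assumed filter: critical, error and warning events from the System log.
    $xml = @"
<Subscription xmlns="http://schemas.microsoft.com/2006/03/windows/events/subscription">
  <SubscriptionId>$Id</SubscriptionId>
  <SubscriptionType>CollectorInitiated</SubscriptionType>
  <Enabled>true</Enabled>
  <Uri>http://schemas.microsoft.com/wbem/wsman/1/windows/EventLog</Uri>
  <ConfigurationMode>Normal</ConfigurationMode>
  <Query><![CDATA[<QueryList><Query Id="0"><Select Path="System">*[System[(Level=1 or Level=2 or Level=3)]]</Select></Query></QueryList>]]></Query>
  <ReadExistingEvents>false</ReadExistingEvents>
  <TransportName>http</TransportName>
  <ContentFormat>RenderedText</ContentFormat>
  <Locale Language="en-US"/>
  <LogFile>ForwardedEvents</LogFile>
  <CredentialsType>Default</CredentialsType>
  <EventSources>
$sourceXml
  </EventSources>
</Subscription>
"@
    $path = Join-Path $env:TEMP "$Id.xml"
    Set-Content -Path $path -Value $xml
    wecutil cs $path                    # create the subscription from the XML file
    wecutil gr $Id                      # per-source runtime status (Active or an error code)
}

function Get-LabForwardedEvents {       # run on the collector to confirm delivery
    Get-WinEvent -LogName ForwardedEvents -MaxEvents 20 |
        Select-Object TimeCreated, MachineName, Id, LevelDisplayName
}
```

Between domain-joined computers the `http` transport is still Kerberos-authenticated and encrypted at the message level. Adding the collector's computer account to Event Log Readers gives it read access to the logs without local administrator rights on the forwarders.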