Manage Windows Event Logs
Welcome to the "Manage Windows Event Logs" Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.
In this module, you will complete the following exercises:
- Exercise 1 - Prepare Event Logs Subscription Prerequisites
- Exercise 2 - Configure Event Collector Subscription
- Exercise 3 - View Forwarded Event Logs
After completing this lab, you will be able to:
- Set up Event Log subscription requirements
- Enable Event Collector subscription on a Windows client
- Verify Event Log Forwarding on a Windows client
The following exam objectives are covered in this lab:
- Understand troubleshooting methodology - Event Viewer, central logging, event filtering, default logs
It will take approximately 45 minutes to complete this lab.
Exercise 1 - Prepare Event Logs Subscription Prerequisites
Event logs generated by Windows Server computers or workstations can be managed collectively by setting up event log forwarding. Typically, a management workstation, such as one running Windows 10, is designated as the central collection point for event logs coming from Windows devices. This computer is the event collector and is configured with a subscription to collect event logs from other Windows devices in the same domain.
Windows servers or workstations that will forward event logs must allow incoming connections to their Windows Remote Management (WinRM) service. The subscription configured on the event collector computer then collects event logs from those Windows computers.
In this exercise, you will prepare the event subscription prerequisites on the event log forwarders and event collector workstation.
Exercise 2 - Configure Event Collector Subscription
After setting up the prerequisites on the event forwarders and event collector computer, you will configure the management workstation that will receive event logs from other computers.
Exercise 3 - View Forwarded Event Logs
You have successfully configured the subscription settings of the Event Collector workstation. Connections to the event forwarders, such as PLABDC01 and PLABDM01, were verified as successful because system modifications such as security group membership and WinHTTP proxy settings were configured earlier. For this exercise, you will test the functionality of the event collector computer and verify that it can receive the event logs forwarded by remote Windows server computers.
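The checks described in the three exercises can be run together from the collector. The following PowerShell is an added example, not part of the lab's own instructions; it assumes the subscription writes to the default ForwardedEvents log and uses the forwarder names mentioned above, and the 500-event sample size is an arbitrary choice.

```powershell
# Added example: run in an elevated PowerShell session on the event collector.
# Forwarder names are taken from this lab; change them for other environments.
$Forwarders = 'PLABDC01', 'PLABDM01'

# 1. The Windows Event Collector service must be running on the collector.
#    'wecutil qc' is the one-time command that configures and starts it.
$wec = Get-Service -Name Wecsvc
if ($wec.Status -ne 'Running') {
    Write-Warning "Wecsvc is $($wec.Status); run 'wecutil qc' on this computer first."
}

# 2. Each forwarder must accept incoming WinRM connections.
#    'winrm quickconfig' on the forwarder enables the listener.
foreach ($computer in $Forwarders) {
    try {
        Test-WSMan -ComputerName $computer -ErrorAction Stop | Out-Null
        Write-Host "[ok] WinRM reachable on $computer"
    } catch {
        Write-Warning "WinRM not reachable on ${computer}: $($_.Exception.Message)"
    }
}

# 3. List every subscription and its runtime status for each event source.
foreach ($sub in (wecutil es)) {
    Write-Host "--- Subscription: $sub"
    wecutil gr $sub
}

# 4. Count recent forwarded events per source computer.
#    Assumption: the subscription's destination log is ForwardedEvents.
$events = Get-WinEvent -LogName ForwardedEvents -MaxEvents 500 -ErrorAction SilentlyContinue
$bySource = $events | Group-Object -Property MachineName
$bySource | Sort-Object Count -Descending | Format-Table Name, Count -AutoSize

# 5. Flag any forwarder that has not delivered events.
#    MachineName is usually the FQDN, so match on the host name prefix.
foreach ($computer in $Forwarders) {
    $pattern = '^' + [regex]::Escape($computer) + '(\.|$)'
    if (-not ($bySource.Name -match $pattern)) {
        Write-Warning "No forwarded events seen from $computer"
    }
}
```

A forwarder that passes the WinRM check but never appears in the per-source count usually points to the collector lacking permission to read that computer's logs, which is what the security group membership step addresses.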