Overview

Introduction

Welcome to the Manage Windows Event Logs Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Exercise 1 - Prepare Event Logs Subscription Prerequisites
  • Exercise 2 - Configure Event Collector Subscription
  • Exercise 3 - View Forwarded Event Logs

After completing this lab, you will be able to:

  • Set up Event Log subscription requirements
  • Enable Event Collector subscription on a Windows client
  • Verify Event Log Forwarding on a Windows client

Exam Objectives

The following exam objectives are covered in this lab:

  • Understand troubleshooting methodology - Event Viewer, central logging, event filtering, default logs

Lab Duration

It will take approximately 45 minutes to complete this lab.

Exercise 1 - Prepare Event Logs Subscription Prerequisites

Event logs generated by Windows Server computers or workstations can be managed centrally by setting up event log forwarding. Typically, a management workstation, such as one running Windows 10, is designated as the central collection point for event logs coming from Windows devices. This computer is the event collector and is configured with a subscription to collect event logs from other Windows devices in the same domain.

Windows servers or workstations that will forward event logs must allow incoming connections to their Windows Remote Management (WinRM) service. The subscription configured on the event collector computer then collects event logs from those Windows computers.

In this exercise, you will prepare the event subscription prerequisites on the event log forwarders and event collector workstation.

Exercise 2 - Configure Event Collector Subscription

After setting up the prerequisites on the event forwarders and event collector computer, you will configure the management workstation that will receive event logs from other computers.

Exercise 3 - View Forwarded Event Logs

You have successfully configured the subscription settings of the Event Collector workstation. Connections to the event forwarders, such as PLABDC01 and PLABDM01, were verified as successful because system modifications such as security group membership and WinHTTP proxy settings were configured earlier. For this exercise, you will test the functionality of the event collector computer and verify that it can receive the event logs forwarded by remote Windows server computers.
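The three exercises can be summarized as a PowerShell sketch. This is an added example, not the lab's own instructions. It assumes a collector-initiated subscription; the domain `EXAMPLE`, the collector name `COLLECTOR01` and the subscription name `LabSubscription` are placeholders, while PLABDC01 and PLABDM01 are the forwarders named above.

```powershell
# Added example. Placeholders (assumptions): EXAMPLE, COLLECTOR01, LabSubscription.
$Domain       = 'EXAMPLE'
$Collector    = 'COLLECTOR01'
$Forwarders   = 'PLABDC01', 'PLABDM01'   # forwarders named in the lab
$Subscription = 'LabSubscription'

function Initialize-Forwarder {
    # Run elevated on each forwarder.
    # Start WinRM, create the listener and open the firewall for incoming connections.
    winrm quickconfig -q
    # Allow the collector's computer account (note the trailing $) to read event logs.
    # 'net localgroup' is used because it also works on a domain controller.
    net localgroup 'Event Log Readers' "$Domain\$Collector`$" /add
}

function Initialize-Collector {
    # Run elevated on the collector: configure and start the Windows Event Collector service.
    wecutil qc /q
}

function Test-Forwarding {
    # Run on the collector after the subscription has been created.
    foreach ($f in $Forwarders) {
        # Confirms the forwarder's WinRM service answers; throws if unreachable.
        Test-WSMan -ComputerName $f -ErrorAction Stop | Out-Null
    }
    wecutil es                 # list configured subscriptions
    wecutil gr $Subscription   # runtime status of each event source

    # Summarize what has arrived in the Forwarded Events log, per forwarder.
    $events = Get-WinEvent -LogName ForwardedEvents -MaxEvents 500 -ErrorAction SilentlyContinue
    foreach ($f in $Forwarders) {
        # MachineName is usually the FQDN, so match on the host name prefix.
        $fromHost = @($events | Where-Object { $_.MachineName -like "$f*" })
        [pscustomobject]@{
            Forwarder = $f
            Events    = $fromHost.Count
            Newest    = ($fromHost | Sort-Object TimeCreated | Select-Object -Last 1).TimeCreated
        }
    }
}
```

A forwarder that shows `Events = 0` while `wecutil gr` reports it as active usually points to the group membership not having taken effect yet or to a subscription query that matches nothing on that host.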
