Managing Windows Event Logs
The Managing Windows Event Logs module provides you with the instruction and Server hardware to develop your hands-on skills in the defined topics. This module includes the following exercises:
- Prepare Event Logs Subscription Prerequisites
- Configure Event Collector Subscription
- View Forwarded Event Logs
- Working with Event Log Views
The following exam objectives are covered in this lab:
- Enable Windows Remote Management on computers that will forward event logs
- Configure event collector service on management console
- Create a subscription on event collector workstation
- View collected event logs on management console
It will take approximately 1 hour and 10 minutes to complete this lab.
Exercise 1 - Prepare Event Logs Subscription Prerequisites
Event logs generated by Windows Server computers or workstations can be managed collectively by setting up event log forwarding. Typically, a management workstation, such as one running Windows 10, is designated as the central collection point for event logs coming from Windows devices. This computer is the event collector computer and is configured with a subscription to collect event logs from other Windows devices in the same domain.
Windows servers or workstations that will forward event logs must be enabled to allow incoming connections to their Windows Remote Management (WinRM) service. The subscription configured on the event collector computer will collect event logs from other Windows computers.
In this exercise, you will prepare the event subscription prerequisites on the event log forwarders and event collector workstation.
Exercise 2 - Configure Event Collector Subscription
After setting up the prerequisites on the event forwarders and event collector computer, you will configure the management workstation that will receive event logs from other computers.
Exercise 3 - View Forwarded Event Logs
In the previous exercise, you configured the subscription settings of the Event Collector workstation. This time, you will test the functionality of the event collector computer to verify that it can receive the event logs of the remote servers.
Exercise 4 - Working with Event Log Views
When working with Windows Event Logs, you can collect detailed system information from other Windows services by expanding the Applications and Services Logs folder. The number of event logs recorded by Windows can be overwhelming at the start. However, you can use features like Find or Filter Current Log to locate specific event logs that meet your search criteria.
This tool can be helpful when diagnosing errors that may be caused by unintended modifications to software settings or errant device drivers for hardware components.
In this exercise, you will learn how to work with Windows Event Viewer.