I'm trying to get event log forwarding working. I'm trying source initiated.
After I add the collection I restart WINRM which seems to ensure the collection works. I get an initial dump from the source system. After that NOTHING.... I'm purposely generating events and nothing. What's wrong?
I have been searching for the polling intervals and so on but I'm not having much luck on what to adjust. It seems like the default interval should work. I've just been waiting and clicking RETRY on the Event Viewer MMC.
Help would be much appreciated. It's a mystery and so difficult to get this to work. I don't understand why it's so hard. I'm just trying to follow the most basic setup and it takes forever to setup then doesn't work... Ugh.
I HATE THE TAGGING SYSTEM ON MS Q AND A. IT MAKES NOT SENSE!!! PLEASE FIX!!!!!!