This article fixed my issue.
Seems like very version of WinRM or Event Collections has some issue with SDDL perms.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I'm trying to find the correct details on Event forwarding the security logs from all systems including DC's. I've added my system to the Event Log Readers group both for the Domain and on Systems. Gathering from Event logs still fails to work. I do not get information from security logs. Other logs are fine.
I truly need help. I've been trying for so long to get this stuff to work. All the document are either old or don't work or miss a step or are for a different OU and asking to adjust something that isn't there.
Is there a book to recommend? I'll do anything at this point. What a pain .
This article fixed my issue.
Seems like very version of WinRM or Event Collections has some issue with SDDL perms.
I have found this command that says it does but the security logs are not read.