Article Content
Article Number | 000038047 |
Applies To | RSA Product Set: NetWitness Platform RSA Product/Service Type: Core Appliance RSA Version/Condition: 11.3.1.0 Platform: CentOS O/S Version: 7 |
Issue | Windows event source configured as per WinRM configuration guide and Test connection success. However, logs are not coming to NetWitness due to below errors in Collector. /var/log/messages:
|
Cause | This issue is due to read events access was not granted for security channel logs for Event Log Readers group and Network Service account. |
Resolution | Please follow the below steps to grant read events access to the security channel.
|