I am reviewing the enVision Windows Agentless Collection Troubleshooting guide.
But I can't seem to determine the particular issue that I am having for certain servers in one region....I am getting "application event" log data and "system event" log data but I am not getting "security event" log data.
I have enVision configured to gather all logs by default....yet no security log data is captured... I know it is being produced, because I generated some security_529 events and the admin said that he saw them appear ....
I am 100% certain that my issue is caused by a lack of privileges....can anyone guide me on which privileges are missing? Our server admin in the region is struggling to find the cause.. Also, I read somewhere within enVision
its recommended to ensure the account used by enVision is granted "local admin privileges"........but I cannot find that documented..now that I am looking for it ...can some one send me a link or document where RSA recommends this level of access ?