Hello All,
Do we have any kind of setting in WinRM service to run and send the logs on DEBUG, INFORMATION, CRITICAL, ALL.
So if we want only the logs which are CRITICAL in Windows machine and the machine is configured through WinRM with Security Analytics.
Then how we will be able to recieve those logs in SA.
Any setting in WinRM that we can change or set according to our requirement.
Kindly suggest someone on this, I am waiting for your response.
Thanks to all.
It's a windows limitation that you cannot granularly select which types of events you want to receive.
Hope this helps.