Re: Windows 2008R2 x64 Event Log monitoring
Posted: Thu Nov 28, 2013 6:10 pm
You will need to add the defaults to the nsclient.ini file (can't remember the exact command for that but please GOogle it or look in documentation of nscp...) Then you can add the part you want of the [/settings/eventlog/real-time] to the nsclient.ini located in the nscp installation folder... Everything is very nice documented. Read the link lmiltchev gave you.. I recommend using 0.4.1.102 as 0.4.2 is not yet mature enough for production servers imo..
By the way, the info I gave you is just an example. You will need to make your own nsclient.ini file with the exclusions / inclusions of event id's you need and send it to your own respective passive services....
By the way, the info I gave you is just an example. You will need to make your own nsclient.ini file with the exclusions / inclusions of event id's you need and send it to your own respective passive services....