Windows xp security event log not updating

Rated 4.50/5 based on 529 customer reviews

Even if you have a small environment with a few servers here and there, after a while is becoming more and more difficult and time consuming to read the events on all of them.

Purchasing a dedicated software solution just doesn’t cut it because of the budget constraints, but you still have to know what errors, alerts or messages your servers are throwing. Event Forwarding allows administrators to get events from remote computers, also called source computers or forwarding computers and store them on a central server; the collector computer.

To follow the principle of least privilege rule we need to add the account to the local Event Log Readers group on the forwarder computers.

This way we give it just the rights it needs and no more.

The minimum operating system level required on the source computers is Windows XP SP2 with minimum Windows Remote Management 1.1 installed.

Repeat the process for the rest of the forwarders you have, and once you’re done adding them click OK.

You can also create a security group in AD which contains all the forwarder computers and add the group to this list.

Click Add Domain Computers then provide the name of the first forwarder computer.

Stupid thing here because it won’t let you add multiple computer accounts at once.

Leave a Reply