This website uses cookies. By continuing to browse or login to this website, you consent to the use of cookies. Learn more.
OK
nbadgujar
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2017-01-19 11:05
346 views

Not receiving security logs from AD server


Hello Team,

I have configured AD server to the SIEM.

Agent type: windowsfg

Agent Version: 7.0.7.7279.0

everything was working fine few days back but now we are not receiving security logs.

we are receiving only application and system logs.

can someone let me know what may be the issue ?

I am not getting any error message as well in agent.log file.

I also check the security logs on the AD server, logs are available there.

Regards,

Naresh

Labels (1)
Labels
0 Likes
Reply
Report Inappropriate Content
4 Replies
anwer.alg
Ensign
Ensign
‎2017-01-19 12:42

Intersting,

Id recommend to check hparcsight account user privileges,

Also make sure that you ticked security logs after adding the servers to the windows unified connector.

And why would you be using such an old agent version?

0 Likes
Reply
Report Inappropriate Content
nbadgujar
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2017-01-19 12:49

User Privileges are fine.

Security logs are also ticked on ARC MC

yes we are planning to upgrade it.

0 Likes
Reply
Report Inappropriate Content
nbadgujar
Cadet 2nd Class Cadet 2nd Class
Cadet 2nd Class
‎2017-01-19 14:46

issue resolved after moving server to another container , but any one know what went wrong which cause this issue.

As other servers on the same container is working properly.

0 Likes
Reply
Report Inappropriate Content
younuspatel
Absent Member.
Absent Member.
‎2017-01-20 06:16

Hi Naresh,

You check with any network monitoring tool on the server. I feel this is server issue you can use native connector. this will work fine in heavy load.

regards,

younus

0 Likes
Reply
Report Inappropriate Content
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.