Jump to content


Photo

Custom Filters not saved

Netwrix Event Log Manager

  • Please log in to reply
1 reply to this topic

#1 grul23

grul23

    Newbie

  • Members
  • Pip
  • 1 posts

Posted 22 June 2015 - 04:58 PM

I had Netwrix Auditor installed as a trial-ware.

 

Once trial-ware was removed, I installed Netwrix Event Log Manager freeware to monitor few workstations.

I am in process of configuring based on admin guide but unable to save any custom filters under Audit archiving filers as well as under Real-time alerts.

 

I am using domain admin account which has full permission to local archiving folder.

GPO is configured based on suggestion.

I am using Windows 7 SP1 64-bit system.

 

I am not sure what I am missing to start collecting data from local host as well as remote hosts within network.

 



#2 jeffb

jeffb

    Advanced Member

  • Administrators
  • PipPipPip
  • 377 posts
  • Gender:Male

Posted 23 June 2015 - 02:38 PM

This should be because of UAC blocking the profile from being written to which is fairly common.  You should be able to prove this by either disabling UAC and rebooting or installing on a machine that already has UAC disabled.  Another way to prove it is to temporarily use the local administrator account (the actual account named administrator) which UAC will not block.  Of course this account cannot be used permanently since it will have no permissions on monitored computers.  But at least you can isolate.

 

-Jeff






0 user(s) are reading this topic

0 members, guests, anonymous users