Which of the following actions would you perform to configure the event collection and event forwarding on the two servers?

The corporate network of Company consists of a Windows Server 2008 single Active
Directory domain. The domain has two servers named Company 1 and Company 2.
To ensure central monitoring of events you decided to collect all the events on one server, to
collect events from Company, and transfer them to Company 1.
You configure the required event subscriptions.
You selected the Normal option for the Event delivery optimization setting by using the HTTP
protocol.
However, you discovered that none of the subscriptions work.
Which of the following actions would you perform to configure the event collection and event
forwarding on the two servers? (Select three. Each answer is a part of the complete
solution).

The corporate network of Company consists of a Windows Server 2008 single Active
Directory domain. The domain has two servers named Company 1 and Company 2.
To ensure central monitoring of events you decided to collect all the events on one server, to
collect events from Company, and transfer them to Company 1.
You configure the required event subscriptions.
You selected the Normal option for the Event delivery optimization setting by using the HTTP
protocol.
However, you discovered that none of the subscriptions work.
Which of the following actions would you perform to configure the event collection and event
forwarding on the two servers? (Select three. Each answer is a part of the complete
solution).

A.
Run window execute the winrm quickconfig command on Company 2.

B.
Run window execute the wecutil qc command on Company 2.

C.
Add the Company 1 account to the Administrators group on Company 2.

D.
Run window execute the winrm quickconfig command on Company 1.

E.
Add the Company 2 account to the Administrators group on Company 1.

F.
Run window execute the wecutil qc command on Company 1.

Explanation:
We need to do three things:
1 – run winrm quickconfig on the source computer (Company 2)
2 – run wecutil qc on the collector computer (Company 1)
3 – add the computer account of the collector computer to the local Administrators group on
the source computer

Had the Event delivery optimization setting been set to Minimize Bandwidth or Minimize
Latency, then we would need to run winrm quickconfig on the collector computer too.
Because it’s set to Normal we can skip that step.
If the HTTPS protocol had been used we also would have had to configure Windows Firewall
exceptions for port 443. But it’s not, and it’s not even listed, so that’s cool.

http://technet.microsoft.com/en-us/library/cc748890.aspx
Configure Computers to Forward and Collect Events
Before you can create a subscription to collect events on a computer, you must configure
both the collecting computer (collector) and each computer from which events will be
collected (source).
To configure computers in a domain to forward and collect events
1. Log on to all collector and source computers. It is a best practice to use a domain account
with administrative privileges.
2. On each source computer, type the following at an elevated command prompt: winrm
quickconfig
Note
If you intend to specify an event delivery optimization of Minimize Bandwidth or Minimize
Latency, then you must also run the above command on the collector computer.
3. On the collector computer, type the following at an elevated command prompt: wecutil qc
4. Add the computer account of the collector computer to the local Administrators group on
each of the source computers.
5. The computers are now configured to forward and collect events. Follow the steps in
Create a New
Subscription to specify the events you want to have forwarded to the collector.



Leave a Reply 0

Your email address will not be published. Required fields are marked *