Previous Topic: Direct Log CollectionNext Topic: Compliance Reports


Agentless Log Collection

Agentless log collection is the log collection technique where no agent is installed with the event source; rather, log collection is performed by an agent installed on a remote collection point.

Windows Remote Collection with an Agent

Problem:

Suppose you need to collect events from six Windows domain controllers, but the senior systems engineer will not allow any software agent installations on these critical production servers without extensive analysis and approval from the corporate board that considers such changes. This change control process often takes two months to complete.

Solution:

Install the log collection agent on a single Windows server that is not one of the domain controllers. Then, configure remote Windows collection from the Agent Manager to retrieve events from all six Windows domain controllers.

With this solution, no agent installations on production servers or approvals are required.

Procedures

More Information

Agent Management Tasks

Configuring Agent Management

Configure an Agent

How to Create a Connector

For an introduction to Log Collection options, see:

Log Collection