Creating an Event Subscription

Expand Event Viewer. right click Subscriptions. Select Create Subscription. Enter Subscription Name.

Use the buttons below to navigate through the lesson

You can create two types of subscriptions:

  • Collector initiated – The collecting computer co ntacts the source computers to retrieve events.
  • Source computer initiated – The forwarding computers contact the collecting computer.

Select Collector initiated. Then Select Computers. Select Add Domain Computers. Select Test. Connectivity test succeeded click OK. Click Select Events. Select Event level. Select Event log. Click OK. Select Advanced. Select User Account. Event Delivery Optimization.

Event Delivery Optimization

Normal This option ensures reliable delivery of events and does not attempt to conserve bandwidth. It is the appropriate choice unless you need tighter control
over bandwidth usage or need forwarded events delivered as quickly as possible. It uses pull delivery mode (where the collecting computer contacts the forwarding
computer) and downloads five events at a time unless 15 minutes pass, in which case it downloads any events that are available.

Minimize Bandwidth This option reduces the network bandwidth consumed by event delivery and is a good choice if you are using event forwarding across a wide area network (WAN) or on a large number of computers on a local area network (LAN). It uses push delivery mode (where the forwarding computer contacts the collecting computer) to forward events every six hours.

Minimize Latency This option ensures that events are delivered with minimal delay. It is an appropriate choice if you are collecting alerts or critical events. It uses push delivery mode and sets a batch timeout of 30 seconds.

Protocol choose from
HTTP Port 80.
HTTPS Port 443 for this protocol you will need to configure..

Configuring Event Forwarding to Use HTTPS

Configure the computer with a computer certificate. You can do this automatically in Active Directory environments by using an enterprise CA.

Create a Windows Firewall exception for TCP port 443. If you have configured Minimize Bandwidth or Minimize Latency Event Delivery Optimization for the subscription, you must also configure a computer certificate and an HTTPS Windows Firewall exception
on the collecting computer.

Click OK. Subscription has been added.