WinEventToCPLog uses Microsoft APIs to read events from Windows operating system event files. To see these files, use the Windows Event Viewer.
WinEventToCPLog can read event files on the local machine and, with the right privileges, log files from remote machines. This is useful when you set up a central WinEventToCPLog server that forwards events from multiple Windows hosts to a Check Point Log server.
To set the privileges, invoke WinEventToCPLog -s to specify an administrator login and password.
These are the ways to access the files on a remote machine:
WinEventToCPLog.WinEventToCPLog as an administrator in the domain. This administrator can access all of the machines in the domain.