Operations · Ingestion

Log Sources

Log Sources
0
Healthy
0
Degraded
0
Down / Issues
0
Log Sources
Loading log sources…
Source Onboarding Guide
Windows Event Forwarder
  1. 1.Open Group Policy Management Console
  2. 2.Navigate to Computer Configuration → Administrative Templates → Windows Components → Event Forwarding
  3. 3.Configure subscriptions pointing to the ThreatOps collector at port 5985
  4. 4.Verify WinRM is enabled: winrm quickconfig
  5. 5.Check forwarding status: wevtutil gl ForwardedEvents
Live
Monitoring — no recent alerts