Frequently Asked Questions
Accessing new event log types on Server 2008 / 2012 / 2016
Windows Vista, Windows 7, 8, 10, and 2008/2012/2016 Server provide a new technology for event log retrieval (Windows Eventlog Collection or WEC). This new technology has a number of advantages over the previous retrieval technology, WMI (aka Windows Management Instrumentation):
It is recommended that you use this option whenever the computer(s) that hold the logs are also running Vista or later (e.g. Server 2008, 2012), however if you select the option for an older system, attempts to retrieve log data will most likely result in an access denied error. If you leave the option UNticked, LogMeister will fall back to using the older but still effective WMI technology.
- Ability to retrieve data from new event log types (e.g. Windows Firewall, Task Scheduler)
- Tighter security configuration (WMI has wide ranging abilities, whereas new event log technology is tightly focused)
- Lower resource utilization.
- Better consistency between operating systems
It is recommended that you use this option whenever the computer(s) that hold the logs are also running Vista or later (e.g. Server 2008, 2012), however if you select the option for an older system, attempts to retrieve log data will most likely result in an access denied error. If you leave the option UNticked, LogMeister will fall back to using the older but still effective WMI technology.
Help Topics:
Last Updated 9 years ago
Help Topics
- Technical Questions