A company has client computers that run Windows 8. The client computers are in a
workgroup. Windows Remote Management (WinRM) is configured on all computers.
You need to configure a computer named COMPUTER1 to retrieve Windows event logs
from all other computers in the workgroup.
Which three actions should you perform? (Each correct answer presents part of the solution.
Choose three.)
A.
Add machine accounts of all other computers to the Event Log Readers local group on
COMPUTER1.
B.
Create and configure a collector-initiated subscription.
C.
Start the Windows Event Collector service on all computers other than COMPUTER1.
D.
Start the Windows Event Collector service on COMPUTER1.
E.
Create and configure a source computer¡ªinitiated subscription.
F.
Start the Windows Event Log service on all computers other than COMPUTER1.
G.
Add COMPUTER1 machine account to the Event Log Readers local group on all other
computers.
Explanation:
For best management we want a collector-initiated subscription–meaning we’ll be setting up
the subscription at the collecting computer instead of at each individual computer.
The Windows Event Collector service is requested for subscriptions to work on the computer
doing the collecting.The collecting computer must be a member of the Event Log Readers local group on all
computer in order to be able to read the event log.