We have updated our Terms of Service, Code of Conduct, and Addendum.

Replication functionality of AD Group filtering of subscriptions

What is the recommended method of restricting groupings of clients/servers to accessing event collector subscriptions, absent support for computer group control that WEC has?

I thought about creating additional listeners and via GPO pointing particular groupings of clients at particular listeners. Is there a better alternative?

Tagged:

Answers

  • Unless that field supports security groups, it's essentially unusable. We're talking about hundreds or thousands of endpoints to be allowed to it.

    Perhaps a better implementation would be to have a different URL on the CRIBL server for different subscriptions, example:

    Server=http://cribl.mydomain.com:5985/wsman/SubscriptionManager/WEC/Subscription1,R
    efresh=60

    and so on for subscription2,3,4.

    As it is, you seem to be limited to a subscription per server unless we can implement using multiple ports. Some flexibility would be appreciated.