We have updated our Terms of Service, Code of Conduct, and Addendum.

Replication functionality of AD Group filtering of subscriptions


What is the recommended method of restricting groupings of clients/servers to accessing event collector subscriptions, absent support for computer group control that WEC has?

I thought about creating additional listeners and via GPO pointing particular groupings of clients at particular listeners. Is there a better alternative?



  • kgouldsk@live.com

    Unless that field supports security groups, it's essentially unusable. We're talking about hundreds or thousands of endpoints to be allowed to it.

    Perhaps a better implementation would be to have a different URL on the CRIBL server for different subscriptions, example:


    and so on for subscription2,3,4.

    As it is, you seem to be limited to a subscription per server unless we can implement using multiple ports. Some flexibility would be appreciated.