Getting Started
- System Requirements
- Installation
- Assign Service Logon As Credentials
- Registration
- Version Support Policy
Agent-Based Management
Common Tasks
- Account Lockout Monitoring and Reporting
- Event Log Archiving for JSIG and CMMC Compliance
- Exporting and Importing Configuration Objects
- RDP Session Monitoring and Reporting
- Merging Logs
- Amazon S3 Bucket Support
- Azure File Share Support
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
- Password Expiry Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- Active Directory User Monitor Templates
- File and Directory Monitor Templates
- Windows Monitor Templates
- Network and Application Monitor Templates
- SSL Certificate Monitor Templates
- Database Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Security Reports
- Generic Log Reports
- File and Permission Reports
- Summary Reports
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
  - AI Anomaly Detection Report (Template Triggers)
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Disconnect RPD Session Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
- Logging Settings
SNMP
- SNMP Browser
SSH Shell
Syslog
System Reset
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

Access Denied Errors

An Access Denied error is typically thrown by the local WMI Service when an attempt is made to access WMI functions from a host that is either not logged into the domain or when the Server Manager Service is not running with domain administrator credentials.

You may also receive an access denied error when attempting to access Administrator Shares such as c$, d$, e$ etc.

Verify the error:

Open a command-prompt and type:
Wbemtest
The Wbemtest application opens.
Click Connect.
From the Namespace text box, type:
\\HOSTNAME\root\cimv2
Where HOSTNAME is the name of the remote host throwing the error. If either host resides on a different domain or within a workgroup, specify administrator credentials that reside on the remote host or domain.
Click Connect. You should receive the Access Denied error. If you do not receive the error, verify the service is running under the same credentials as the account you are logged into the server with or Server Manager is configured to logon to the remote host as the account you are logged into the server with.

Verify service credentials:

From the Management Console, select View | Dashboard.
From the Service Status table verify the Logon as value is set to either a domain or local administrator account. If the value is SYSTEM or an non-administrator account, from the menu select Service | Change Service Logon .
The Change Service Logon dialog displays. Enter administrator credentials then click OK.

Verify WMI permissions:

Ensure WMI permissions have been set correctly. From the remote host throwing the error, open a command-prompt and type: wmimgmt.msc
Right-click on the WMI Control (local) node and select Properties. Select the Security tab and navigate to root/CIMV2. Click the Security button. Grant the account you and the service are using to access logs Remote Enable and Read Security rights.

Verify DCOM settings:

For more information see: Securing a Remote WMI Connection

Verify Windows shares are enabled:

From the host you are unable to download logs from, verify Windows Shares are enabled.