Getting Started
- System Requirements
- Installation
- Registration
- Version Support Policy
- Assign Service Logon As Credentials
Agent-Based Management
Data Providers
- Data Provider Properties
- SQLite Properties
- MySQL Properties
- Microsoft SQL Server Properties
- File System Properties
Directory Services
Event Log Archiving for JSIG and CMMC Compliance
Auditing
- Audit Work Items
- Self-Auditing
- Group Policy Auditing
Hosts
- Adding Hosts
- Host Properties
- Batch Update Hosts
- Agent Properties
- Logon As Properties
- SFTP Properties
- FTP/S Properties
- SNMP Device Connection Properties
- WMI
- Contact
- Exclusions
- Inventory
- Docker
- Host Assignments
Templates
- Template Properties
- Batch Update Templates
- Assign Templates
- Log Management Templates
- SCAP Compliance Monitor
- File and Directory Monitor Templates
- Windows Monitor Templates
- Windows Management Instrumentation (WMI) Templates
- SSL Certificate Monitor Templates
- Email Monitor Templates
- SNMP Monitor Templates
- Windows Accounts Templates
Monitors
- Monitor Hierarchy
- Temporarily Suppress Monitors Actions
Reports
- Report Properties
- Artificial Intelligence Reports
  - AI Anomaly Detection Report
    - AI Anomaly Detection Report (Template Triggers)
- Security Reports
- Generic Log Reports
- SIEM Report
- SIEM Chart Report
- Azure Active Directory Audit Log Report
- Event Log Report
- SNMP Trap Report
- Syslog Report
- Databse Log Report
- Event Log Summary Report
File and Permission Reports
- File and Directory Access Permissions Report
- Duplicate Files Report
- File Activity Report
- Largest Files Report
- Sorted Files Report
Summary Reports
- Host Inventory Report
- Summary Report
- Collection Report
- Hash Check Reports
Auto-Configurators
Filters
- Simple Filters
- Complex Filters
Actions
- Database Actions
- Desktop Actions
- Email Actions
- Event Log Actions
- Executable Actions
- File Actions
- IIS IP Address Restriction Actions
- Microsoft Teams Actions
- PowerShell Actions
- Report Actions
- Service Actions
- SMS Actions
- SNMP Trap Actions
- Syslog Actions
- Template Actions
- IIS IP Address Restriction Actions
- Action Variables
Schedules
- Fixed Schedules
- Range Schedules
- Real-Time Schedules
Environment Variables
Options
- Email Settings
- Security Settings
- Syslog Server Settings
- SNMP Trap Server Settings
- Log Viewer Settings
- Web Proxy Settings
- Miscellaneous Settings
Account Lockout Monitoring and Reporting
Merging Logs
SNMP
- SNMP Browser
SSH Shell
Syslog
Exporting and Importing Configuration Objects
Shared Views
- Active Directory User and Group Filters
- Assign Actions
- Assign Azure Audit Logs
- Assign Consolidated Logs
- Assign Directories
- Assign Disks
- Assign Event Logs
- Assign Files
- Assign Services
- Assign Shares
- Auto-Config Host Assignment Properties
- Define CSV and W3C Log Entry Columns
- Define Log Entry Columns
- Define Log Entry Columns with Regular Expressions
- Executable Status
- Executable Timeline
- Explicitly Assigned Logs
- File Explorer
- General Executable Properties
- Report Columns
- Report Date/Time Ranges
- Report Security Event Log Filters
- Select Folder or File
- Target Files and Sub-Directories
Command Line Interface
Server Configuration
Agent Configuration
Troubleshooting
- Arithmetic Overflow
- Access Denied
- MySQL: Fatal error encountered during command execution
- Invalid Class
- No Such Interface Supported
- Quota Violation
- The File Exists Errors
- The Interface is Unknown
- The RPC Server is Unavailable
- NetBIOS Errors
Terminology

Access Denied Errors

An Access Denied error is typically thrown by the local WMI Service when an attempt is made to access WMI functions from a host that is either not logged into the domain or when the Server Manager Service is not running with domain administrator credentials.

You may also receive an access denied error when attempting to access Administrator Shares such as c$, d$, e$ etc.

Verify the error:

Open a command-prompt and type:
Wbemtest
The Wbemtest application opens.
Click Connect.
From the Namespace text box, type:
\\HOSTNAME\root\cimv2
Where HOSTNAME is the name of the remote host throwing the error. If either host resides on a different domain or within a workgroup, specify administrator credentials that reside on the remote host or domain.
Click Connect. You should receive the Access Denied error. If you do not receive the error, verify the service is running under the same credentials as the account you are logged into the server with or Server Manager is configured to logon to the remote host as the account you are logged into the server with.

Verify service credentials:

From the Management Console, select View | Dashboard.
From the Service Status table verify the Logon as value is set to either a domain or local administrator account. If the value is SYSTEM or an non-administrator account, from the menu select Service | Change Service Logon .
The Change Service Logon dialog displays. Enter administrator credentials then click OK.

Verify WMI permissions:

Ensure WMI permissions have been set correctly. From the remote host throwing the error, open a command-prompt and type: wmimgmt.msc
Right-click on the WMI Control (local) node and select Properties. Select the Security tab and navigate to root/CIMV2. Click the Security button. Grant the account you and the service are using to access logs Remote Enable and Read Security rights.

Verify DCOM settings:

For more information see: Securing a Remote WMI Connection

Verify Windows shares are enabled:

From the host you are unable to download logs from, verify Windows Shares are enabled.