1. Wbemtest test
If you see the status RPC Server Unavailable or Access Denied, the logs won't be collected. In that case, you cannot see the logs in the Search tab or Home tab.
Kindly run the WBEM TEST.
EventLog Analyzer uses the WMI API to fetch the logs from the specific device. It requires certain ports to be open, along with proper credentials, to fetch the logs.
If not, it cannot collect the logs.
Perform the WBEMTEST steps below (from the EventLog Analyzer server machine) to check whether all the logs are collected for the given credentials.
Steps to perform Wbemtest:
1.) In Windows, click Start->Run
2.) Type "wbemtest" in the text box and click OK
3.) In the WMI Tester window that opens, click Connect
4.) In the Namespace text box, enter \\<host_name_here>\root\cimv2 where <host_name_here> is the host machine that you are trying to connect to. For example, if the host name (for which the log collection issue occurs) is server123, then it should be \\server123\root\cimv2
5.) In the User text box, enter <machine_name/domain_name>\user_name
6.) In the Password text box, enter the password to log in to the host machine
7.) Click Connect
If no error dialog box is shown, the login is successful. If it shows an error message such as RPC Server Unavailable, the ports are blocked, whereas Access Denied shows that the user has permission restrictions.
Kindly ask the customer to perform the WBEM TEST.
If WBEM TEST fails, EventLog Analyzer cannot collect the logs.
Sample screenshot:
Test123 is the server name.
Instead of this, please try with the IP address, NetBIOS name and fully qualified domain name.
For example, if the customer is able to connect only with the IP address, then the device should be added with the IP address, not with the host name.
Kindly note that the WBEM TEST from Server A to Server B should work without any issues. If it says 'RPC Server Unavailable', please make sure that the firewall is not blocking the ports.
The below-mentioned ports need to be opened on both the server (EventLog Analyzer machine) and the remote host machine to enable agentless log collection:
S.NO | Rule Description | Protocol | Port | Direction (inbound/outbound) |
1 | WMI, DCOM, RPC | TCP | | Incoming traffic ports(For Host) |
2 | WMI, DCOM, RPC | TCP | 49152-65534 | Outgoing traffic ports(For Host) |
S.NO | Rule Description | Protocol | Port | Direction (inbound/outbound) |
1 | WMI, DCOM, RPC | TCP | 49152-65534 | Incoming traffic ports(For Server) |
2 | WMI, DCOM, RPC | TCP | 135, 445, 139 | Outgoing traffic ports(For Server) |
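
The same check can be scripted. This is an added example, not ManageEngine's own tooling: it repeats the WBEMTEST connection from the EventLog Analyzer server for each name form (NetBIOS name, FQDN, IP address) and separates RPC Server Unavailable from Access Denied. The target names are constructed placeholders, and it assumes Windows PowerShell 5.1, where Get-WmiObject is available.

```powershell
# Added example: scripted equivalent of the WBEMTEST connection check.
# Run on the EventLog Analyzer server. Target names are constructed placeholders.
$Targets = @('server123', 'server123.example.local', '192.0.2.10')  # NetBIOS, FQDN, IP
$Cred    = Get-Credential -Message 'Account used for log collection (domain\user)'

# HRESULT values behind the two errors WBEMTEST reports
$RpcUnavailable = -2147023174   # 0x800706BA, RPC server unavailable
$AccessDenied   = -2147024891   # 0x80070005, access denied

$results = foreach ($t in $Targets) {
    # Fixed ports the server must reach on the host (dynamic range is not probed)
    $ports = foreach ($p in 135, 445, 139) {
        $open = Test-NetConnection -ComputerName $t -Port $p `
                    -InformationLevel Quiet -WarningAction SilentlyContinue
        '{0}={1}' -f $p, $(if ($open) { 'open' } else { 'blocked' })
    }

    try {
        # Same namespace WBEMTEST connects to: \\<host>\root\cimv2
        $os = Get-WmiObject -Class Win32_OperatingSystem -Namespace 'root\cimv2' `
                  -ComputerName $t -Credential $Cred -ErrorAction Stop
        $status = 'OK'
        $detail = $os.Caption
    }
    catch {
        $err = $_   # keep the error record for the branches below
        if ($err.Exception.HResult -eq $RpcUnavailable) {
            $status = 'RPC Server Unavailable'
            $detail = 'Ports blocked: check the firewall rules'
        }
        elseif ($err.Exception.HResult -eq $AccessDenied) {
            $status = 'Access Denied'
            $detail = 'User has permission restrictions'
        }
        else {
            $status = 'Error'
            $detail = $err.Exception.Message
        }
    }

    [pscustomobject]@{
        Target = $t; WMI = $status; Detail = $detail; Ports = ($ports -join ' ')
    }
}

$results | Format-Table -AutoSize
```

Add the device to EventLog Analyzer using a name form whose WMI column shows OK.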