A Sentinel Log Manager server is collecting events from Windows hosts
via WECS/WMI. As far as I can see, the connector is generating a
serialized information stream containing most of the Windows event's
fields and forwarding it to the collector. Curiously, I seem unable to
find some of the information fields in the resulting Sentinel data.

More specifically, I am missing the mappings for the "Source name" and
"Log name / Logfile" fields which are part of the connector's output and
indeed do contain valuable data. How do I manage to get them stored and



djedig's Profile: https://forums.netiq.com/member.php?userid=6496
View this thread: https://forums.netiq.com/showthread.php?t=49499