I am collecting security event logs from multiple servers to one central
location via Powershell. (This is a customer requirement)
These event log files are being saved to a shared directory with a
naming convention of *Security-SERVERNAME-mmddyyhhmmss.evt*

I am trying to set up a file collector using CFIS to the share - Rotate
is TRUE File pattern is set to *.evt
I have the collector-plug in for Microsoft-active-directory-and-windows
2011.1r4 and attempting to use connection method File 2011.1r1

When I test the connection, I see raw data flowing. When I apply this
connection it runs for a bit but then stops. It seems to never move on
to the next .evt file in the directory.

Any help or suggestions would be greatly appreciated

michaelshima's Profile: https://forums.netiq.com/member.php?userid=9065
View this thread: https://forums.netiq.com/showthread.php?t=52811