Technical Note: [Accelops KB] Informational - How does AO receive Windows Events?
Description
Summary of Topic
AO can get events from Window Event Logs in one of two ways.
1) WMI: AO will pull windows events with each WMI poll. The default interval is 3 minutes.
2) Epilog: Epilog by Snare can be installed on any windows device and configured to send the windows events "real time"
Additional information
The first method only pulls every 3 minutes by default. The second method is close to real-time. Instructions for setting up method 2 are in our User's Guide.
Version Application
All.