FSSO Collector Agent doesn't work like you think. FSSO CA can poll all your 8 DCs itself, you don't have to forward their events anywhere. FSSO CA fetches them all.
Just FSSO CA needs to run on Domain member server, preferably with Domain Administrator privileges. Why? It needs to:
* open event log over RPC or over WMI
* enumerate users groups (windows groups or LDAP)
* perform workstation check (active check on user's workstation), WMI or RRA
It's good idea(tm) to follow most typical usage, as described above.
NOT RECOMMENDED, BUT DOABLE:
In case you are in very special situation and really MUST NOT run it on Windows Domain server, you need to really tweak it:
- install DCAgents on DCs : they will forward logons from LSASS (Dcagent is LSASS-loaded dll)
- install and run FSSO CA on non-domain server as local admin user
- disable workstation checks by setting 0 to both 'Dead Entry Timeout' and 'Workstation Verify interval'
- set FSSO CA to Advanced Mode and fill in LDAP credentials
- you will need to edit registry to add monitored domain (domain won't be detected automatically)
In this mode, FSSO won't check actively on workstations user status, but it will work otherwise. If you decide to go this hard way, let me know I will post here more detailed description. Again, I don't recommend to step out this way.