Overview
This section lists the minimum set of Event IDs (logs) at least need to be forwarded to the Motadata AIOps. The required Event IDs are determined by the specific server role(s) enabled on the system. Ensure these logs are forwarded for proactive issue resolution by the Motadata AIOps.
Mandatory Event IDs to Forward
When enabling log forwarding, ensure that the following Event IDs are collected for the corresponding server role(s):
- Active Directory Domain Services
- Active Directory Certificate Services
- Active Directory Federation Services
- Active Directory Rights Management Services
- DNS Server
- File and Storage Services
- Network Policy and Access Services
- Remote Access (RRAS / VPN / DirectAccess)
- Web Server (IIS)
- FTP Server
- DHCP
- FAX Server
- Host Guardian Service (HGS)
- Hyper-V
- MultiPoint Services
- Volume Activation Services
- Windows Deployment Services
- Windows Server Essentials Experience (WSEE)
- Windows Server Update Services (WSUS)
- Device Health Attestation (DHA)
- Print and Document Services
- Windows Defender / Security Service
- Failover Clustering
- Remote Desktop Services (RDS)
- Windows Admin Center / Management Tools
- Network Controller / SDN
- Storage Replica
- Windows Time / NTP Services