locked
ATA Lightweight x Splunk RRS feed

  • Question

  • Hello.

    After installing the Lightweight ATA I can no longer forward my event logs to Splunk.

    Error - Splunk log

    ERROR ExecProcessor - message from ""C:\Program Files\SplunkUniversalForwarder\bin\splunk-winevtlog.exe"" splunk-winevtlog - WinEventLogChannel::subscribeToEvtChannel: Could not subscribe to Windows Event Log channel 'Security'

    Does anyone have any ideas?

    Thursday, December 7, 2017 12:59 PM

Answers

  • Please upgrade to 1.8.6765

    https://www.microsoft.com/en-us/download/details.aspx?id=55536

    Thursday, December 7, 2017 7:12 PM

All replies

  • Known issue, please upgrade to 1.8.1 to fix it.
    Thursday, December 7, 2017 1:03 PM
  • Hi Eli. I'm using the version 1.8.6645.28499
    Thursday, December 7, 2017 5:07 PM
  • Please upgrade to 1.8.6765

    https://www.microsoft.com/en-us/download/details.aspx?id=55536

    Thursday, December 7, 2017 7:12 PM
  • Thankssssssssssssssssss Work for me!!! 
    Friday, December 8, 2017 5:09 PM