Idea ID: 2757490

Windows 2019 WINC Support

Status: Delivered

Please add support for collecting AD logs from Windows 2019 via WINC 

Our customers are now starting to migrate their current Windows Servers to 2019.

 

 

Tags:

  • Greetings,

    We have delivered support for Windows Server 2019 events, in ArcSight SmartConnector Parser Update 7.14.2.8258.0 released on: February 21, 2020.

    The "Microsoft Windows Event Log – Native" (WiNC) SmartConnector supports the event collection (parsing snd categorization), for Windows Event Log Security, System, and Application event collection from hosts running the following Microsoft OS versions:
    Microsoft Windows Vista
    Microsoft Windows Server 2008
    Microsoft Windows Server 2008 R2
    Microsoft Windows Server 2012
    Microsoft Windows Server 2012 R2
    Microsoft Windows Server 2016
    Microsoft Windows Server 2019

    Thank you,

    Emrah Alpa
    Sr. Product Manager | ArcSight Global Content & Connectors
    Micro Focus

  • Hi Team,

    This is a new feature request to your developer for SID translation for WINC.

    As we have observed that we are getting "SID" instead of "Target User Name" on this below scenario.

    Name                                                                                                                   externalId
    A member was added to a security-enabled global group.              4728
    A member was added to a security-disabled global group.             4751
    A member was added to a security-enabled local group.                 4732
    A member was removed from a security-enabled local group.      4733
    A member was removed from a security-enabled global group.   4729


    Kindly find  the below "Ticket Number " which will help you to get the overview on this .
    "SD02635524"

     

     

    Regards,

    Gaurab Saha

    +91 8468 007770

    gaurab.saha@airvistara.com

  • We are currently working on a design that would incorporate a Windows Server VM into the Connector Host Appliance (CHA).  The Windows VM will run the WiNC connector.

    Wayne Dalesio

    Senior Product Line Manager – ArcSight Software

    wayne.dalesio@microfocus.com

    “Software is a team sport!”