Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
|Source: OnePoint Operations|
The Agent received no configuration from the Consolidator. This condition may occur if a new Agent starts up before the consolidator has updated its internal rules cache. It may also mean that the Consolidator no longer has any information about the agent, possibly because the Agent Manager has not been able to contact the agent for an extended period.
|English: Request a translation of the event description in plain English.|
This issue occurs when the MOM agent-managed computer is added to the configuration group. However, the configuration change has not been committed to the OnePoint database. See ME922340 for details on solving this problem.
You will get this error right after Agent installation until the Agent downloads rules from the DCAM. You will need to add the manually installed Agents to Computer Groups and to force a SCAN (you will need to add them to the ''Include list'' on each Computer Group they should belong to).
Next, monitor your DCAM so see if there are any errors relating to these Agents (access denied etc.) Then make sure you have a name resolution from both sides - DCAM and Agent, from the Agent computer try to ping the DCAM, and from the DCAM try to ping the Agent. If there is a Firewall/port filtering, make sure to allow MOM port 1270.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated