+7Hi Team,
We are unable to see Windows on Docker forwarder logs in Chronicle SIEM.
Is there any documenation to follow for troubleshooting.
Below URL is not much helpful for troubleshooting
https://cloud.google.com/chronicle/docs/install/docker-forwarder-windows
+2Hi,
Can you explain a bit more your issue. Is it to see logs from your Windows in Chronicle SIEM or the logs of the forwarder.
If it is the latter, in the documentation you provided, forwarder logs can be seen by launching the following command: sudo docker logs cfps (see https://cloud.google.com/chronicle/docs/install/docker-forwarder-windows#view_forwarder_logs)
If there is an issue on the forwarder or in your configuration file, it will be mentionned there. Also if logs are received and sent to your Chronicle SIEM instance you will have the mention "Batch (XX, LOG_TYPE) successfully uploaded."
If there is an error in your docker log file, you can find some insights for troubleshooting in this documentation: https://cloud.google.com/chronicle/docs/install/troubleshoot-forwarder#common-log-file-errors
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
