We are having an issue with ingesting any security events from workstations. We have installed the monitoring agent on both windows server OS and windows 10. All windows servers OS logs arrived in a timely manner, but none of the windows 10 machines are showing logs. Anyone have an idea?
If the servers are working and not the workstations, make sure you have verified the Windows 10 workstations are configured correctly (ports, firewall, etc.), not blocked by GPO or other management mechanism, and the MMA agent is reporting to the proper Log Analytics Workspace.