Hi,
I am gathering security event logs from AD domain controllers, using a special "serviceaccount" particular service id is part of Domain controller Built-in Administrators group.
I am decided to revoke the admin access for that service account. if i revoke the admin will gathering jobs goes fail? let me know the minimal rights for gathering the logs from AD domain controllers.
I don't want to grant admin access for that service account to gather the logs