I have a log server collecting windows event logs from windows servers in my domain. my log collector is a windows 2012 r2 server. I created a subscription to collect all event logs....application, security and system. However non of my security logs are being forwarded. All I see is application and system. I tried selecting keywords to include auditing success and failure but when I do this it seems no logs get forwarded. Anybody else run into this issue???