it's me again. Today I have the problem, that I only get perfmon logs from 2 Domain controllers. We use a deployment server and all other dcs are forwarding all events except these 2. Do you have any Idea why these DCs only forwarding perfmon logs but no windows security eventlogs?
I don't think that this is a firewall problem because perfmon logs are coming in.