Windows Server 2008 R2 Source-Initiated Event Log Forwarding: No Source Servers Reporting


I have a Server 2008 R2 server acting as a collector for two other servers. One is 2008 R2 as well, the other is 2012 R2. Collector Initiated forwarding works just fine, and that's really the only type I've ever implemented. I decided to have a go at Source Initiated, and it's not working out.

I have configured it per "Configure Computers to Forward and Collect Events" on TechNet (and the related articles linked there). I can see a healthy status of the forwarder itself, but the "Source Computers" column remains blank and wecutil gs reports the same: healthy forwarder, no sources.

The group policy is definitely applying to the source servers (gpresult displays it), and sends them to http://, which I'm certain is wrong, because there's already a separate website on this collector that answers on port 80. I tried the WinRM default port (e.g., I set the value in the GPO to Server=, but this didn't work either).

I have ensured the computer account of the collector is in the Administrators group of each source server, and I've restarted each source server for good measure.

I think it's worth restating it works with collector-initiated forwarding, so winrm qc did its job and whatnot. Something else is clearly missing, but what?

EDIT: I should have mentioned I've also added the Network Service account on each source computer to the respective computer's Event Log Readers group, as another post on this matter advises.

Best Answer

I'm not sure if this is likely to make a difference, but the SubscriptionManager value in my GPO is set to Server= Apparently I felt it necessary to provide the full URL even though it explicitly states that this is not necessary in the GPO help. I don't remember, but it's possible I too had issues with this and this was my resolution. It might be worth a shot.
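An added example (not part of the original question or answer): a PowerShell check of a SubscriptionManager policy string against the full-URL form the answer describes. It assumes the documented shape `Server=http://<collector FQDN>:5985/wsman/SubscriptionManager/WEC` and the WinRM 2.0 default ports (5985 for HTTP, 5986 for HTTPS); the function name and the `collector.example.com` values are constructed for illustration.

```powershell
# Added example, not from the original post. Host names below are constructed.
function Test-SubscriptionManagerValue {
    param([Parameter(Mandatory=$true)][string]$Value)

    $issues = @()
    $pairs  = @{}
    # The policy string is a comma-separated list of Key=Value pairs.
    foreach ($part in ($Value -split ',')) {
        $k, $v = $part -split '=', 2
        if ($v) { $pairs[$k.Trim()] = $v.Trim() }
    }

    $server = $pairs['Server']
    $uri    = $null
    if (-not $server) {
        $issues += 'No Server= entry (or it is empty).'
    }
    elseif (-not ([System.Uri]::TryCreate($server, [System.UriKind]::Absolute, [ref]$uri)) -or
            @('http', 'https') -notcontains $uri.Scheme) {
        $issues += 'Server= is not a full http(s) URL.'
    }
    else {
        # Assumption: WinRM 2.0 default listener ports. A URL with no port
        # resolves to 80/443, where another web site may be answering.
        $defaults = @{ http = 5985; https = 5986 }
        if ($uri.Port -ne $defaults[$uri.Scheme]) {
            $issues += "Port $($uri.Port) is not the WinRM default ($($defaults[$uri.Scheme])); confirm a WinRM listener exists on it."
        }
        if ($uri.AbsolutePath -ne '/wsman/SubscriptionManager/WEC') {
            $issues += "Path '$($uri.AbsolutePath)' is not /wsman/SubscriptionManager/WEC."
        }
    }

    New-Object PSObject -Property @{
        Value  = $Value
        Ok     = ($issues.Count -eq 0)
        Issues = $issues
    }
}

# Constructed sample values: bare FQDN, URL without port or path, full URL.
$samples = @(
    'Server=collector.example.com',
    'Server=http://collector.example.com',
    'Server=http://collector.example.com:5985/wsman/SubscriptionManager/WEC,Refresh=60'
)
$samples | ForEach-Object { Test-SubscriptionManagerValue $_ } | Format-List Value, Ok, Issues
```

On a source computer, pass in the SubscriptionManager string that gpresult shows as applied; `winrm enumerate winrm/config/listener` on the collector shows which port WinRM is actually listening on.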