AutoArchive Event Log with GPO


My company policies require to not overwrite event log and retain it for at least 2 years, moreover Windows 2003 doesn't allow simple user access if security log is full, I found a way to comply these rules reducing administrative efforts.

I implemented automatic log backup by configuring the AutoBackupLogFiles registry key, which is described in the Microsoft Knowledge Base article: http://support.microsoft.com/default.aspx?kbid=312571.

Moreover I didn't want to archive the files into %SystemRoot%\System32\Config\ so I implemented another policy that change the default Event Viewer Log File location following the Microsoft Knowledge Base article: http://support.microsoft.com/kb/216169/
Tags:

About author

Vittorio Pavesi