AutoArchive Event Log with GPO

My company policies require to not overwrite event log and retain it for at least 2 years, moreover Windows 2003 doesn't allow simple user access if security log is full, I found a way to comply these rules reducing administrative efforts.

I implemented automatic log backup by configuring the AutoBackupLogFiles registry key, which is described in the Microsoft Knowledge Base article:

Moreover I didn't want to archive the files into %SystemRoot%\System32\Config\ so I implemented another policy that change the default Event Viewer Log File location following the Microsoft Knowledge Base article:

About author

Vittorio Pavesi