We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Solved
Security log is full
Posted on 2006-07-13
Sometime I log in my computer, there is an message that my security log is full and only the administrator can clear it.
What does that mean and how do I clear it as an admistrator?
What does that mean and how do I clear it as an admistrator?
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
3 Comments
under computer management - event viewer - choose your log and select properties
you shoul dhave it set to overwrite as needed but you can manually clear from there as well
you shoul dhave it set to overwrite as needed but you can manually clear from there as well
I don't see what version of Windows you are running, but the following link is an idea how to tweak your logging events to capture real security events:
http://support.microsoft.com/kb/q140058/
http://labmice.techtarget.com/troubleshooting/EventLog.htm
Also, you can manually delete the log files by going to:
Start-->Settings-->Control
Right mouse over "Security Log"
Select "Clear All Events"
Say "No" to saving it
Now the log is not full.
http://support.microsoft.com/kb/q140058/
http://labmice.techtarget.com/troubleshooting/EventLog.htm
Also, you can manually delete the log files by going to:
Start-->Settings-->Control
Right mouse over "Security Log"
Select "Clear All Events"
Say "No" to saving it
Now the log is not full.
If you security log is filling up, you need to figure out WHY by reviewing the types of activities you are monitoring.
If needed, you can increase the maximum size of the log (recommended) or reduce what you are watching for (probably not a good idea).
I would strongly recommend against "Overwrite as needed". Different kinds of attacks can fill up a log pretty quickly and your evidence of the attack will be 'overwritten'.
We use a fairly large maximum (about 20 MB) and NEVER 'overwrite'. If one of our security logs gets filled up, we want an Administrator to figure out why.
Security Administrators tend to be a little paranoid - with good reason.
Good Luck,
Vic
If needed, you can increase the maximum size of the log (recommended) or reduce what you are watching for (probably not a good idea).
I would strongly recommend against "Overwrite as needed". Different kinds of attacks can fill up a log pretty quickly and your evidence of the attack will be 'overwritten'.
We use a fairly large maximum (about 20 MB) and NEVER 'overwrite'. If one of our security logs gets filled up, we want an Administrator to figure out why.
Security Administrators tend to be a little paranoid - with good reason.
Good Luck,
Vic
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses
Course of the Month7 days, 6 hours left to enroll
715 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.