Solved

Security log is full

Posted on 2006-07-13
3
448 Views
Last Modified: 2013-12-04
Sometime I log in my computer, there is an message that my security log is full and only the administrator can clear it.

What does that mean and how do I clear it as an admistrator?
0
Comment
Question by:gw252
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 48

Accepted Solution

by:
Jay_Jay70 earned 250 total points
ID: 17105429
under computer management - event viewer - choose your log and select properties

you shoul dhave it set to overwrite as needed but you can manually clear from there as well
0
 
LVL 12

Expert Comment

by:Phil_Agcaoili
ID: 17105898
I don't see what version of Windows you are running, but the following link is an idea how to tweak your logging events to capture real security events:
http://support.microsoft.com/kb/q140058/
http://labmice.techtarget.com/troubleshooting/EventLog.htm

Also, you can manually delete the log files by going to:
Start-->Settings-->Control Panel-->Administrative Tools--Event Viewer
Right mouse over "Security Log"
Select "Clear All Events"
Say "No" to saving it

Now the log is not full.
0
 
LVL 38

Expert Comment

by:younghv
ID: 17109144
If you security log is filling up, you need to figure out WHY by reviewing the types of activities you are monitoring.

If needed, you can increase the maximum size of the log (recommended) or reduce what you are watching for (probably not a good idea).

I would strongly recommend against "Overwrite as needed". Different kinds of attacks can fill up a log pretty quickly and your evidence of the attack will be 'overwritten'.

We use a fairly large maximum (about 20 MB) and NEVER 'overwrite'. If one of our security logs gets filled up, we want an Administrator to figure out why.

Security Administrators tend to be a little paranoid - with good reason.

Good Luck,
Vic
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This is a guide to the following problem (not exclusive but here) on Windows: Users need our support and we supporters often use global administrative accounts to do this. Using these accounts safely is a real challenge. Any admin who takes se…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question