Security event log filling up and slowing the network down
Posted on 2009-04-10
I've been noticing something lately. One of our domain controllers (also our network file server) has had its Security event log reaching the max size. When this happens, the network's performance becomes terrible: lots of slowness across the board, especially on our Citrix servers. Once I clear the event log on this server, performance returns to normal. The Security log isn't filling up with any errors. It's just the usual "Success Audit" entries (Privilege Use and Logon/Logoff). It just seems like it fills up very quickly. I last cleared it about an hour and a half ago, and it's already up to 25,144 entries.
Does anyone have any ideas as to why this is happening? Equally important, does anyone know a better solution than clearing the event log every day or two? It's starting to become understandably annoying. :)
There are three domain controllers and four Citrix servers. They are all running Windows Server 2003 SP2 (with the exception of the file server, which is running Windows Server 2003 SP1).