Solved

the security log on this system is full only admin can login to fix

Posted on 2010-09-04
7
530 Views
Last Modified: 2012-05-10
Was there an update that I missed?  Recently I have been bombarded with this error and have to clear/reset the Security Log via Active Directory.

I dont see any recent updates or changes on these pc's  So far it s effecting WinXP boxes not Win7.

Any ideas?



 
0
Comment
Question by:mebibyte
  • 4
  • 2
7 Comments
 
LVL 7

Expert Comment

by:GridLock137
Comment Utility
are your win xp machines set up for some kind of audit logging like windows xp firewall or any other or is it the security log of the server that is getting full?
0
 
LVL 7

Accepted Solution

by:
GridLock137 earned 500 total points
Comment Utility
also on the system you are getting the message on check the follwoing:

right click on my computer> select manage> open even viewer> drill down to security log> right click and select property and under the general and filter tabs check your settings and how often you are auditing these events and also check the filters being used. there might be a domain policy set for your xp machines on the server that may be applied for these machines alone. give that a shot.
0
 
LVL 5

Expert Comment

by:EnriquePhoenix
Comment Utility
I had the same prob a few months ago I used this MS kb.
http://support.microsoft.com/kb/867860
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:mebibyte
Comment Utility
By default these pc's are set to Max Log = 512KB  | Overwrite events older than 7 days  |  Filters: Info, Warnings, Error, Success and Failure Audit.

I have to change the settings to Overwrite events as needed then it goes away.

0
 
LVL 7

Expert Comment

by:GridLock137
Comment Utility
if this is one machine you could have something happening on there that could be causing the log to fill up prior to the 7 days, check the logs and see what is happening, if you have audits pointing out login failures then maybe depending on the role of this machine, something could be trying to auhtenticate to that machine for some type of service, aslo what has changed recently on this machine?
0
 
LVL 7

Expert Comment

by:GridLock137
Comment Utility
you can also try this:  http://support.microsoft.com/kb/308427

0
 
LVL 5

Expert Comment

by:EnriquePhoenix
Comment Utility
If all the log entries look legit then I would increase the max log size so it can accommodate 7- 8 days worth of logs.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

If your system is showing symptoms of browser hijacks or 'google search redirects' check out my other article (http://rdsrc.us/u3GP7A) first and run the tool TDSSKiller (http://rdsrc.us/GDBBs4) to get rid of the infection. Once done, and if the …
Issue: Unstable cursor in Windows XP and Windows runs extremely slow in that any click will bring up the Hour glass (sometimes for several seconds before giving you what you want) . Troubleshooting Process and the FINAL FIX: This issue see…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now