Solved

Domain Controller Security Event Logs

Posted on 2010-11-21
9
1,713 Views
Last Modified: 2012-05-10
Hi,

Does anybody know what is the maximum safe size for security logs on a Win2k3 domain controller ?

If i change the event logs size on one DC, does it also replicate across all DCs?

Thanks :)
0
Comment
Question by:sproku
  • 4
  • 3
  • 2
9 Comments
 
LVL 57

Expert Comment

by:Mike Kline
ID: 34185158
Where I am we use the NSA or DISA guides  http://iase.disa.mil/stigs/content_pages/windows_os_security.html   I'll look to see what they recommend but you can also see for your OS

No the size is not replicated but you can set it using group policy so it applies to all the servers (or DCs)

Thanks

Mike
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34185166
You will need to set this on all domain controllers.  It will not replicate.

Here is some info on the sizes
http://support.microsoft.com/kb/957662
http://technet.microsoft.com/en-us/library/cc776342(WS.10).aspx
0
 
LVL 15

Expert Comment

by:getzjd
ID: 34185172
YOu could set the log sizes via a GPO on the domain controllers.

http://technet.microsoft.com/en-us/library/cc778402(WS.10).aspx
0
 

Author Comment

by:sproku
ID: 34185223
I see that maximum security log size that can be set is up to 4GB. What would be the cons when i set it to the max of 4GB?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 15

Assisted Solution

by:getzjd
getzjd earned 62 total points
ID: 34185231
Parsing the files would take longer.  Depends on what you are wanting to do with these log files.
0
 

Author Comment

by:sproku
ID: 34185255
are there no system performance degradation when raising it to max size?
0
 
LVL 57

Accepted Solution

by:
Mike Kline earned 63 total points
ID: 34185265
0
 

Author Comment

by:sproku
ID: 34185932
i see. i guess I'll just go with archiving of the log files.

thanks guys.
0
 

Author Closing Comment

by:sproku
ID: 34185939
thanks guys
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Mapping Drives using Group policy preferences Are you still using old scripts to map your network drives if so this article will show you how to get away for old scripts and move toward Group Policy Preference for mapping them. First things f…
Synchronize a new Active Directory domain with an existing Office 365 tenant
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now