[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

retrive Auditing logs in windows 2008

Posted on 2013-05-19
4
Medium Priority
?
143 Views
Last Modified: 2013-11-12
Dear All

I have one shared folder deleted and we enabled auditing, but when I checked the securety logs I found logs only for one day. how I can see previse day or date . I want know who is deleted the folders.
or there is any tool .

we have windows 2008 R2
0
Comment
Question by:human1900
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 70

Accepted Solution

by:
KCTS earned 1000 total points
ID: 39179439
By default logs are kept until they reach a pre-determined size, once you exceed the limit then the older events are purged to make way for newer events. Once there gone, there gone.
You can specify the size of the log and how they behave. You can do this on an individual log or via a group policy

http://www.vanstechelman.eu/windows/group_policy_settings/security_settings/event_log
0
 
LVL 10

Expert Comment

by:Pramod Ubhe
ID: 39180485
you need to set the amount of logs to be stored and behaviour once they get full.
Set a higher amout of space and manually save the logs so that you can review them later if required. (see attached)

http://www.splunk.com/view/free-vs-enterprise/SP-CAAAE8W 
gives you a good way to manage all the eventlogs in your environment.
Capture.JPG
0
 
LVL 7

Expert Comment

by:manthanein
ID: 39180557
since event log files  automatically deletes  records try creating  a  batch  file  (set  to be run  daily)  that  will  dump the event logs   automatically   using the tool below:

http://technet.microsoft.com/en-us/sysinternals/bb897544
0
 
LVL 2

Expert Comment

by:oliverbob
ID: 39234715
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You need to know the location of the Office templates folder, so that when you create new templates, they are saved to that location, and thus are available for selection when creating new documents.  The steps to find the Templates folder path are …
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question