Solved

windows server 2012 R2 default event log policy settings

Posted on 2014-07-18
5
5,285 Views
Last Modified: 2014-07-25
Does anyone know where I can find the default installed Event log settings for a Windows Server 2012 R2 Domain controller.  I can't find anything on Microsofts site or Technet Library so far.
0
Comment
Question by:dv8angel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 150 total points
ID: 40205695
Event log settings are not defined by default
You have to define it manually
Its recommended to have separate GPO to specify event log settings for DC and apply it to domain controllers OU
The settings can be found under
\\computer configuration\Polices\Windows Settings\security settings event log
You need to configure above settings as appropriate
The recommended setting can be keep security logs upto 200 MB, system and application upto 100 MB and overwrite logs as necessary
Also periodically take event log backups
Its upto you how you want to configure

One more setting can be found under computer configuration\administrative templates\windows components\event log service
Here you can configure automatic event log backups
0
 
LVL 7

Expert Comment

by:Sumit Gupta
ID: 40206810
Go to Group policy management then point to
default domain policy\Computer Configuration\Windows Settings\Security Settings\Event Log\
0
 

Author Comment

by:dv8angel
ID: 40209684
Hi,

I guess what I was looking for were the documented settings that configured by default the install of 2012.  I'm pretty aware that they have to be configured from this point/Customized for our environment but there are default settings present and I was hoping someone would be aware of the location of the security settings on Microsoft's site.
Thanks
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 150 total points
ID: 40209965
By default windows server event logs stored on machine upto 20 MBs, afterwards those logs are overwritten as needed

You must set event log policy manually according to your need OR
you can follow recommendation from below article
Recommended Domain Controller Event Log Policy Settings
0
 

Author Closing Comment

by:dv8angel
ID: 40220677
Thanks for your guidance guys.
0

Featured Post

Salesforce Made Easy to Use

On-screen guidance at the moment of need enables you & your employees to focus on the core, you can now boost your adoption rates swiftly and simply with one easy tool.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
A hard and fast method for reducing Active Directory Administrators members.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question