?
Solved

windows server 2012 R2 default event log policy settings

Posted on 2014-07-18
5
Medium Priority
?
6,455 Views
Last Modified: 2014-07-25
Does anyone know where I can find the default installed Event log settings for a Windows Server 2012 R2 Domain controller.  I can't find anything on Microsofts site or Technet Library so far.
0
Comment
Question by:dv8angel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 450 total points
ID: 40205695
Event log settings are not defined by default
You have to define it manually
Its recommended to have separate GPO to specify event log settings for DC and apply it to domain controllers OU
The settings can be found under
\\computer configuration\Polices\Windows Settings\security settings event log
You need to configure above settings as appropriate
The recommended setting can be keep security logs upto 200 MB, system and application upto 100 MB and overwrite logs as necessary
Also periodically take event log backups
Its upto you how you want to configure

One more setting can be found under computer configuration\administrative templates\windows components\event log service
Here you can configure automatic event log backups
0
 
LVL 8

Expert Comment

by:Sumit Gupta
ID: 40206810
Go to Group policy management then point to
default domain policy\Computer Configuration\Windows Settings\Security Settings\Event Log\
0
 

Author Comment

by:dv8angel
ID: 40209684
Hi,

I guess what I was looking for were the documented settings that configured by default the install of 2012.  I'm pretty aware that they have to be configured from this point/Customized for our environment but there are default settings present and I was hoping someone would be aware of the location of the security settings on Microsoft's site.
Thanks
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 450 total points
ID: 40209965
By default windows server event logs stored on machine upto 20 MBs, afterwards those logs are overwritten as needed

You must set event log policy manually according to your need OR
you can follow recommendation from below article
Recommended Domain Controller Event Log Policy Settings
0
 

Author Closing Comment

by:dv8angel
ID: 40220677
Thanks for your guidance guys.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

719 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question