Solved

windows server 2012 R2 default event log policy settings

Posted on 2014-07-18
5
5,886 Views
Last Modified: 2014-07-25
Does anyone know where I can find the default installed Event log settings for a Windows Server 2012 R2 Domain controller.  I can't find anything on Microsofts site or Technet Library so far.
0
Comment
Question by:dv8angel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 150 total points
ID: 40205695
Event log settings are not defined by default
You have to define it manually
Its recommended to have separate GPO to specify event log settings for DC and apply it to domain controllers OU
The settings can be found under
\\computer configuration\Polices\Windows Settings\security settings event log
You need to configure above settings as appropriate
The recommended setting can be keep security logs upto 200 MB, system and application upto 100 MB and overwrite logs as necessary
Also periodically take event log backups
Its upto you how you want to configure

One more setting can be found under computer configuration\administrative templates\windows components\event log service
Here you can configure automatic event log backups
0
 
LVL 7

Expert Comment

by:Sumit Gupta
ID: 40206810
Go to Group policy management then point to
default domain policy\Computer Configuration\Windows Settings\Security Settings\Event Log\
0
 

Author Comment

by:dv8angel
ID: 40209684
Hi,

I guess what I was looking for were the documented settings that configured by default the install of 2012.  I'm pretty aware that they have to be configured from this point/Customized for our environment but there are default settings present and I was hoping someone would be aware of the location of the security settings on Microsoft's site.
Thanks
0
 
LVL 37

Assisted Solution

by:Mahesh
Mahesh earned 150 total points
ID: 40209965
By default windows server event logs stored on machine upto 20 MBs, afterwards those logs are overwritten as needed

You must set event log policy manually according to your need OR
you can follow recommendation from below article
Recommended Domain Controller Event Log Policy Settings
0
 

Author Closing Comment

by:dv8angel
ID: 40220677
Thanks for your guidance guys.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question