Solved

How do I view older Windows Security Logs? Seems like the logs only show from 1/11/15, but I need to view logs before that date.

Posted on 2015-01-12
6
109 Views
Last Modified: 2015-01-20
How do I view older Windows Security Logs? Seems like the logs only show from 1/11/15, but I need to view logs before that date.
0
Comment
Question by:joukiejouk
6 Comments
 
LVL 14

Accepted Solution

by:
dmwynne earned 300 total points
ID: 40545216
The logs may be set to be overwritten.

Open Event Viewer, go to one of the logs (application, security, system etc), right click, properties, what is the max log size and is it set to overwrite?
0
 

Author Comment

by:joukiejouk
ID: 40545234
Max size is 20 MB. It was set to overwrite. How can I restore any log prior to that date?
0
 
LVL 14

Expert Comment

by:dmwynne
ID: 40545314
You need to restore a backup otherwise I think you are out of luck.
0
Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

 

Author Comment

by:joukiejouk
ID: 40545681
Thanks. I am trying to collect the log from a remote system to forward to my security team. What is the best approach to do this? Currently I am using event viewer MMC and connecting to the remote computer, and doing a saved log file as, but it is hosing my computer.
0
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 200 total points
ID: 40545700
You can copy the security logfile from C:\Windows\System32\winevt\Logs, the name is security.evtx.
0
 
LVL 3

Expert Comment

by:Bahloul
ID: 40545998
Hi,

 the default log size is 20 MB when the file getting full it removes from the old log so you must increase the log file size to gain more history but this wont fix your issue you may see the below log for log size recommendation :-

http://support.microsoft.com/kb/957662

Bahloul.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now