troubleshooting Question

Server 2012 R2 Security Log Event Viewer not logging

Avatar of Bash
BashFlag for United Kingdom of Great Britain and Northern Ireland asked on
Windows Server 2012
8 Comments3 Solutions6128 ViewsLast Modified:
I built a 2012 R2 server which is acting as a DC, DNS, KMS and CA. The Group Policy settings for Default Domain Controllers are as per the attachment yet the security event log shows only a handful of events despite there being numerous issues with one user account being locked out - I have twice gone through the steps: disabling the event log service, rebooting, renaming the security event log file, re-enabling the service and re-booting
which generates a new security event viewer log file but no entries appear after the initial logs.  See attachment.

The server is hit by 2 GPO's, DDC and DD. Event logs settings attached.

The GPO's were migrated to this domain from another.

Any further ideas?
DDCSettings.jpg
DDSettings.jpg
SecurityEventViewer.jpg
SecLogProperties.jpg
ASKER CERTIFIED SOLUTION
Bash
Contractor

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 3 Answers and 8 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 3 Answers and 8 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros