<div>
Create a robocopy script to export the event log to your folder, create a scheduled task to run the script weekly. &nbsp;I've used this method to ensure storage of 12 months logs
</div>


Create a robocopy script to export the event log to your folder, create a scheduled task to run the script weekly.  I've used this method to ensure storage of 12 months logs

<div>
Thanks. &nbsp;I was curious how to do this with windows native tools...within the eventvwr settings. &nbsp;The options to do so are there but I can't seem to get them to work. &nbsp;Wevtutil works great as well.
</div>


Thanks.  I was curious how to do this with windows native tools...within the eventvwr settings.  The options to do so are there but I can't seem to get them to work.  Wevtutil works great as well.

<div>
<div class="content wysiwyg-content">
Ultimately I'm trying to have security logs written to a remote storage,<br />
&nbsp;(\\&lt;Server-Name&gt;\&lt;Drive-Le<wbr />tter&gt;\&lt;Fil<wbr />e_Name&gt;). &nbsp;<br />
For testing I'm trying to move the default log path from<br />
%SystemRoot%\System32\Wine<wbr />vt\Logs\Se<wbr />curity.evt<wbr />x to<br />
C:\Security.evtx &nbsp;This however is failing. &nbsp;no errors in logs. &nbsp;I double checked the registry at HKEY_LOCAL_MACHINE\SYSTEM\<wbr />CurrentCon<wbr />trolSet\Se<wbr />rvices\Eve<wbr />ntLog\Secu<wbr />rity and the &quot;File&quot; Does point to C:\Security.evtx however logs are still written in the default %SystemRoot%\System32\Wine<wbr />vt\Logs\Se<wbr />curity.evt<wbr />x. &nbsp;I double checked an no group policy is in place for this. &nbsp;Any suggestions on how to do this? &nbsp;I'm aware of wevtutil however I'd like to accomplish this using Event Viewer.
</div>
</div>


Ultimately I'm trying to have security logs written to a remote storage,
 (\\<Server-Name>\<Drive-Letter>\<File_Name>).  
For testing I'm trying to move the default log path from
%SystemRoot%\System32\Winevt\Logs\Security.evtx to
C:\Security.evtx  This however is failing.  no errors in logs.  I double checked the registry at HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Security and the "File" Does point to C:\Security.evtx however logs are still written in the default %SystemRoot%\System32\Winevt\Logs\Security.evtx.  I double checked an no group policy is in place for this.  Any suggestions on how to do this?  I'm aware of wevtutil however I'd like to accomplish this using Event Viewer.

Move Event Log in windows 2012

Windows Server 2012 is the server version of Windows 8 and the successor to Windows Server 2008 R2. Windows Server 2012 is the first version of Windows Server to have no support for Itanium-based computers since Windows NT 4.0. Windows Server 2012, now in its second release (Windows Server 2012 Release 2) includes Foundation, Essentials, Standard and Datacenter, and does not support IA-32 or IA-64 processors.

Windows Server 2012

This topic area includes legacy versions of Windows prior to Windows 2000: Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions including Windows Mobile.

Windows OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.

OS Security

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.