• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 40
  • Last Modified:

Security Event Log Size 2012 R2

There is conflicting information regarding the size of the security event log. Some articles mention that the file is always loaded into memory in full, others say that the way the event log is loaded into memory has changed and that setting a larger size is no longer an issue.

Let's say, that for example I have a 4GB event log, will the full file be loaded into RAM? OS version is Windows Server 2012 R2.
0
albatros99
Asked:
albatros99
  • 2
  • 2
2 Solutions
 
McKnifeCommented:
I would simply make a test to find out. Use a script that uses eventcreate.exe in a loop to fill up the log and at the same time, open task manager and watch your RAM consumption.
0
 
albatros99Author Commented:
A 3.2 GB security log shows up in RamMap with 842'542 KB Total and 593'240 KB standby. Clearly it uses more memory but it doesn't load the whole file. I was just hoping this new behaviour would be documented somewhere.
0
 
McKnifeCommented:
Hm - when does it show up, right after a restart or after it has been loaded to memory after using eventvwr?
0
 
albatros99Author Commented:
Solution discovered by testing.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now