Securing Application and System logs on WinNT/2K

From: Martin Brys (MBrys@mvsinc.com)
Date: 02/12/02


From: Martin Brys <MBrys@mvsinc.com>
To: focus-ms@securityfocus.com
Date: Tue, 12 Feb 2002 12:17:56 -0500

Does anyone know a method to secure Application and System Event Logs to
allow viewing only to Administrators? Restrictive permissions are set by
default for Security Event Log, can we achieve the same or similar behavior
for other logs (hopefully including Directory Services, DNS and File
Replication Service on Domain Controllers)? Any hints would be appreciated.

Martin Brys MCSE



Relevant Pages

  • Re: DCPROMO seems to be stuck - Windows Server 2008 R2
    ... Event logs? ... MVP - Directory Services ... When you disabled IPv6 did you disable toreno? ... This is a standalone server running 2008 ...
    (microsoft.public.windows.server.active_directory)
  • Re: Authenication on 2003
    ... Microsoft MVP - Directory Services ... No email replies please - reply in the newsgroup ... > event logs and the only suspect things are can find are in the security ... > Once you reboot the server it works fine again. ...
    (microsoft.public.windows.server.active_directory)
  • Re: Account and profile problem
    ... please repost with any Event Logs and/or other ... error messages. ... MVP - Directory Services ... deleted her account in Active Directory and created a new one with the ...
    (microsoft.public.windows.server.active_directory)
  • Re: finding the Domain controller where the user account get deleted
    ... Assuming your event logs haven't turned over you can use eventcombmt to ... Brian Desmond ... Windows Server MVP - Directory Services ...
    (microsoft.public.windows.server.active_directory)
  • Re: Software Installs via GPO
    ... Have you looked in the application event logs for any warnings or errors? ... Microsoft MVP - Windows Server - Directory Services ... Prev by Date: ...
    (microsoft.public.windows.server.active_directory)