Lock down Event Logs?
From: - (-_at_-.com)
Date: 07/24/04
- Next message: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Previous message: klose: "Software Restrictions - Certificate rules do not work"
- Next in thread: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Reply: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 23 Jul 2004 18:27:40 -0400
I know this question has been asked before but I haven't been able to find
an answer. How can an administrator prevent non-administrator view access
to the event logs? The policy only references preventing the guest account.
I want only a DA to see the App/Sys/NTFRS/NTDS/DNS & of course security
event logs. The security event logs are truly locked down to only
administrators, but how can one do the same thing for the other event logs.
Seeing the even the non-security logs is in itself a security breach.
Do I have to use NTFS ACL's on the files? Is that the only way?
- Next message: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Previous message: klose: "Software Restrictions - Certificate rules do not work"
- Next in thread: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Reply: Colin Nash [MVP]: "Re: Lock down Event Logs?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
