Re: Event ID 577 & 578 are filling Security Event Logs
From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 04/28/05
- Next message: Steven L Umbach: "Re: Prevent users from installing software"
- Previous message: Steven L Umbach: "Re: Active Directory Security Auditing, any suggestions?"
- In reply to: timcapp: "Re: Event ID 577 & 578 are filling Security Event Logs"
- Next in thread: Roger Abell: "Re: Event ID 577 & 578 are filling Security Event Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Apr 2005 16:52:28 -0500
OK. That does not sound like fun. If you have not tried it yet the free
Event Comb from Microsoft may make searching security logs easier for
specific events and text strings. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;en-us;308471
"timcapp" <timothy.cappiello@gd-ais.com> wrote in message
news:1114683342.965526.159590@f14g2000cwb.googlegroups.com...
> Thanks for the advice. We currently are only logging audit policy
> failures. Our log is growing on some systems by 2-5 MB a day, and
> almost all of it is is due to this message. The other problem is that
> we need to review these logs weekly, and this message is making that a
> very difficult and time consuming process.
>
> Thanks again.
>
> Tim
>
- Next message: Steven L Umbach: "Re: Prevent users from installing software"
- Previous message: Steven L Umbach: "Re: Active Directory Security Auditing, any suggestions?"
- In reply to: timcapp: "Re: Event ID 577 & 578 are filling Security Event Logs"
- Next in thread: Roger Abell: "Re: Event ID 577 & 578 are filling Security Event Logs"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
