Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

Configuring event log settings

Event log size needs to be defined to prevent audit data loss due to events getting overwritten. To configure event log size and retention settings, follow the steps outlined below-

  • Log in to any computer that has the Group Policy Management Console (GPMC), with Domain Admin credentials → Open GPMC → Right click on Default Domain Controllers Policy → Edit.
  • In the Group Policy Management Editor → Computer Configuration → Policies → Windows Settings → Security Settings → Event Log.
  • Navigate to the right pane → Right click on Retention method for security log → Properties → Overwrite events as needed.
  • Navigate to the right pane → Right click on Maximum security log size → Define size as directed in the table below.
  • Note: Ensure security event log holds minimum of 12hrs of data.

    Role Operating System Size
    Domain Controller Windows Server 2003 512 MB
    Domain Controller Windows Server 2008 and above 1024 MB
active-directory-audit-configuring-event-log-settings

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting