Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

Configure security log size and retention settings

Event log size needs to be defined to prevent loss of audit data due to overwriting of events. 

  •  Open the GPMC and, based on your setup, right-click Default Domain Controllers Policy or ADAuditPlusMSPolicy or ADAuditPlusWSPolicy, then select Edit. 

  • To enable FIM on Right-click
    Domain controller Default Domain Controllers Policy GPO
    Windows server ADAuditPlusMSPolicy GPO
    Workstation ADAuditPlusWSPolicy GPO

  • Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Event Log.
  • Set Retention method for security log to Overwrite events as needed.
  • Configure the Maximum security log size as defined below. Ensure that the security log can hold a minimum of 12 hours’ worth of data.

Role Operating system Size
Domain controller  Windows Server 2003 512 MB
Domain controller  Windows Server 2008 and above 1,024 MB
Member server Windows Server 2003 512 MB
Member server Windows Server 2008 and above 4,096 MB
Workstation Windows 10, 8, 7, Vista, and XP 512 MB

Configure security log size and retention settings

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting