You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: support/windows-server/group-policy/set-event-log-security-locally-or-via-group-policy.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -26,9 +26,9 @@ You can grant users one or more of the following access rights to event logs:
26
26
- Clear
27
27
28
28
> [!IMPORTANT]
29
-
> You can configure the security log in the same way. However, you can change only Read and Clear access permissions. Write access to the security log is reserved only for the Windows Local Security Authority (LSA) and identities having the “Manage auditing and security log” privilege enabled.
29
+
> You can configure the security log in the same way. However, you can change only Read and Clear access permissions. Write access to the security log is reserved only for the Windows Local Security Authority (LSA) and identities that have the **Manage auditing and security log** privilege enabled.
30
30
31
-
You can use an Administrative Template Policy for the purpose. The path for the System Eventlog, for example, is:
31
+
You can use an Administrative Template Policy for the purpose. For example, the path for the System Eventlog is:
@@ -65,8 +65,8 @@ For example, the first ACE denies Anonymous Users read, write, and clear access
65
65
66
66
1. Select **Start**, select **Run**, type *gpedit.msc*, and then select **OK**.
67
67
2. In the Group Policy Editor, expand the following folder tree under **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Event log Service**.
68
-
3. For the example of application eventlog in the subfolder "Application" double-click **"Configure Log Access", "Enable"** the policy setting, type the SDDL string that you want for the log security, and then select **OK**.
69
-
4.Setting the **"Configure Log Access (Legacy)"** is not needed, that is for operating systems older than Windows Vista.
68
+
3. For the example of application eventlog, in the subfolder **Application**, double-click **Configure log access**, select **Enable**, type the SDDL string that you want for the log security, and then select **OK**.
69
+
4.It's not necessary to set **Configure Log Access (Legacy)**. The option is for operating systems older than Windows Vista.
70
70
71
71
## Use group policy to set your application and system log security
0 commit comments