Big savings, Better ROI! Exclusive discounts on ManageEngine Products!* Boost your business *T&C apply
    Click here to shrink
    Click here to expand Click here to expand

    Configuring event log settings

    Event log size needs to be defined to prevent loss of audit data due to overwriting of events.

    • Open the GPMC and, based on your setup, right-click Default Domain Controllers Policy or ADAuditPlusMSPolicy or ADAuditPlusWSPolicy, then select Edit.
      To enable FIM on Right-click
      Domain controller Default Domain Controllers Policy GPO
      Windows server ADAuditPlusMSPolicy GPO
      Workstation ADAuditPlusWSPolicy GPO
    • Navigate to Computer Configuration > Policies > Windows Settings > Security Settings > Event Log.
    • Set Retention method for security log to Overwrite events as needed.
    • Configure the Maximum security log size as defined below. Ensure that the security log can hold a minimum of 12 hours’ worth of data.
    Role Operating system Size
    Domain controller Windows Server 2003 512 MB
    Domain controller Windows Server 2008 and above 1,024 MB
    Member server Windows Server 2003 512 MB
    Member server Windows Server 2008 and above 4,096 MB
    Workstation Windows 10, 8, 7, Vista, and XP 512 MB

    Configure security log size and retention settings

    Don't see what you're looking for?

    •  

      Visit our community

      Post your questions in the forum.

       
    •  

      Request additional resources

      Send us your requirements.

       
    •  

      Need implementation assistance?

      Try onboarding

       

    On this page

    Get download link