Configuring security log size and retention settings

Configuring security log size

Configure security log size for Group Policy audit data using the steps below:

1. Go to Start > Windows Administrative Tools > Group Policy Management.
2. In GPMC, right-click the GPO "domain name"_ADAudit Plus Audit policy, and select Edit.
3. In the Group Policy Management Editor, choose Computer configuration > Policies > Windows settings > Security settings > Event Log > Retention Method for Security Log.
4. Check Define these policy settings, and select Overwrite events as needed.
5. Click OK.

Configuring the retention settings

Configure the retention settings for Group Policy audit data using the steps below:

1. Open ADAudit Plus.
2. Go to Admin > Configuration > Archive Events.
3. Click Archive Folder on the right and specify the location where you wish to store the archive files.
4. Scroll down to GPO Management, then click the Enable icon and the gear icon under the Actions column to open the Archive Settings pop-up.
5. Under Live Tier, specify the Hot Data Retention Time in days, months, or years.
6. Under Archive Tier, check the Retain data indefinitely box if you want to retain archive data forever. Alternatively, uncheck it and specify the Frozen Data Retention Time in days, months, or years.
7. Click Save.

Note: Learn more about archive tiers and the various states of data on the Archive Events page.