Lock down Event Logs?

?

-

I know this question has been asked before but I haven't been able to find
an answer. How can an administrator prevent non-administrator view access
to the event logs? The policy only references preventing the guest account.
I want only a DA to see the App/Sys/NTFRS/NTDS/DNS & of course security
event logs. The security event logs are truly locked down to only
administrators, but how can one do the same thing for the other event logs.
Seeing the even the non-security logs is in itself a security breach.

Do I have to use NTFS ACL's on the files? Is that the only way?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Security Event Logs / Network access 1
Security Logs Fill with Event 560 when limited users log in 3
XP logs out immediately after loggin in!! 3
Event Viewer 1
Issue w/XP's Event Viewer 1
Errors in vista event logs 1
Acess to Event Viewer on Windows 2003 Domain Controllers? 3
Event ID 681 3

Top