Hi JR,
of course :-)
a.e. if you monitor the systems a.e. with SCOM you can collect the events
and write them into a database for an history purpose.
a.e. only for this SCOM is not a "must" criteria, you can also write a own
script where you export the eventlog to a.e. etl/html/xml file and then
reset after a succesfull export ;-)
In W2K8 systems you could also use "wevtutil.exe" but I could not remember
currently an command line based tool for W2K3. In any case you can also use
the public available eventlog API's a.e. with "ClearEventLog Function" ->
http://msdn.microsoft.com/en-us/library/aa363637.aspx ;-)
http://tekktips.spaces.live.com/blog...04D7!463.entry
Also in most cases and especially in security area you will log too much
information's which is not really useful, check also each enabled setting,
if really required, some of them can make a big difference.
PS : AND thereare several 3rd party tools available which does exactly this
:-)
Hope that helps
Regards
Ramazan
"JR" <> wrote in message
news:...
> Hia folks
>
>
> I'm trying to solve a tough (for me) security problem. I have to set
> up a series of restricted access folders in our network. The users
> insist in keep a log of all access to these folders. Fair enough, but
> my problem is that the "securty log" on the event viewer is allready
> extended to the maximum size, and it can't keep log entrances older
> than 7 days (no room in log...)
>
> I'd like to know if there are tools, or settings (whetever) that would
> allow me to set up extra log files just for these folders. I'd then be
> abble to keep them for a lot longer than those 7 days of the standard
> log.
Similar Threads
Linear Mode
