Restricting guess access to event logs

Toggle sidebar Toggle sidebar
T

tontod

Diamond Member
Oct 12, 1999
3,244
0
71
How do I restrict guess access to application/security/event log? I searched online, and it mentioned a registry hack. I'd rather not do that, but I couldnt find anything in the group policy or security policy editor that would allow me to do it - unless I missed it? This is in Windows Vista SP1 Business.
 
R

rasczak

Lifer
Jan 29, 2005
10,437
23
81
C:/Windows/system32/config is the folder that holds the event viewer files.

rt click config > properties > security tab > remove everyone but the user or group needed to have access > select advanced and setup your audit options as well.

click apply and ok.

edit: sorry just saw this was for vista, however, the same rules apply, just find the folder that holds the secevent.evt file as well as the application.evt and system.evt files.

**just checked my windows 7 box, looks like the files are in the same location so the rules above should apply.
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom