Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion GroupsWindows VistaWindows XPWindows MeWindows 98Windows 95Virtual PCInternet ExplorerOutlook ExpressWindows MediaSecurity
Related Topics
MS Server ProductsMS OfficePC HardwareMore Topics ...
Windows Forum / Windows XP / Security and Administration / February 2005

Tip: Looking for answers? Try searching our database.

Security Event Log Empty

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Treeman - 25 Feb 2005 17:08 GMT
Thanks Les,
I checked out the local poicies and nothing was enabled for auditing.
What is the minumum audit policy you recommend?
Thanks,
Treeman

'Lesley Kipling [MSFT Wrote:
> ']Hi.
>
> Have you set up the system to do auditing?  Start\run type secpol.msc
> then
> under local policies\audit policy, check security setting is set to
> either
> success\failure\both (depending on what you want to audit.)  A dual
> server
> logo next to the audit policy is indicative that the policy comes from
> the
> domain level.
>
> How To View and Manage Event Logs in Event Viewer in Windows XP
> WGID:358
> ID: 308427
>
> How To Audit User Access of Files, Folders, and Printers in Windows XP
> WGID:374
> ID: 310399
>
> If you have set it up and it is failing it may be a corrupted log.
> Have you
> tried to open it on another machine?  Does the number of secuirty
> events
> list anything other than 0?
>
> Cheers, Les
>
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> "Treeman" Treeman.1kx322@pcbanter.net wrote in message
> news:Treeman.1kx322@pcbanter.net...-
>
> Just wondering why my Security log files in Event viewer is empty. I
> mean _no_ events at all showing. XP Pro SP-1
> Treeman
>
> --
> Treeman-

Signature

Treeman

Reply to this Message
Lesley Kipling [MSFT] - 28 Feb 2005 13:29 GMT
Hi.

Well this depends entirely on what you are trying to achieve.

Take a look at the following link - this will help you decide your audit
strategy.  Auditing comes at a overhead and often customers who audit for
too many actions without having a log management strategy end up with vast
security logs, slow servers and too many audits to spot a trend :)

Windows XP Security Guide
Chapter 3: Security Settings for Windows XP Clients
http://www.microsoft.com/technet/security/prodtech/windowsxp/secwinxp/xpsgch03.mspx

Windows 2000 Auditing and Intrusion Detection
http://www.microsoft.com/technet/security/prodtech/windows2000/secmod144.mspx

Cheers, Les

> Thanks Les,
> I checked out the local poicies and nothing was enabled for auditing.
[quoted text clipped - 43 lines]
>> --
>> Treeman-
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.