Category: At least Windows Vista

This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the “Retain old events” policy setting is enabled. If you enable this policy setting and the “Retain old events” policy setting is enabled the Event Log file is automatically closed and renamed when it is full. A new file is then started. If you disable this policy setting and the “Retain old events” policy setting is enabled new events are discarded and old events are retained. If you do not configure this policy setting and the “Retain old events” policy setting is enabled new events are discarded and the old events are retained.

This policy setting specifies the maximum size of the log file in kilobytes. If you enable this policy setting you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments. If you disable or do not configure this policy setting the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.

This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service and should only be accessible to administrators. If you enable this policy setting the Event Log uses the path specified in this policy setting. If you disable or do not configure this policy setting the Event Log uses the system32 or system64 subdirectory.

This policy setting controls Event Log behavior when the log file reaches its maximum size. If you enable this policy setting and a log file reaches its maximum size new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size new events overwrite old events. Note: Old events may or may not be retained according to the “Backup log automatically when full” policy setting.

This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. If you enable this policy setting only those users matching the security descriptor can access the log. If you disable or do not configure this policy setting all authenticated users and system services can write read or clear this log.

This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the “Retain old events” policy setting is enabled. If you enable this policy setting and the “Retain old events” policy setting is enabled the Event Log file is automatically closed and renamed when it is full. A new file is then started. If you disable this policy setting and the “Retain old events” policy setting is enabled new events are discarded and old events are retained. If you do not configure this policy setting and the “Retain old events” policy setting is enabled new events are discarded and the old events are retained.

This policy setting specifies the maximum size of the log file in kilobytes. If you enable this policy setting you can configure the maximum log file size to be between 1 megabyte (1024 kilobytes) and 2 terabytes (2147483647 kilobytes) in kilobyte increments. If you disable or do not configure this policy setting the maximum size of the log file will be set to the locally configured value. This value can be changed by the local administrator using the Log Properties dialog and it defaults to 20 megabytes.

This policy setting controls the location of the log file. The location of the file must be writable by the Event Log service and should only be accessible to administrators. If you enable this policy setting the Event Log uses the path specified in this policy setting. If you disable or do not configure this policy setting the Event Log uses the system32 or system64 subdirectory.

This policy setting controls Event Log behavior when the log file reaches its maximum size. If you enable this policy setting and a log file reaches its maximum size new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size new events overwrite old events. Note: Old events may or may not be retained according to the “Backup log automatically when full” policy setting.

This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure write permissions for this log. If you enable this policy setting only those users whose security descriptor matches the configured specified value can access the log. If you disable or do not configure this policy setting only system software and administrators can read or clear this log.