This policy setting controls Event Log behavior when the log file reaches its maximum size. If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events. Note: Old events may or may not be retained according to the Backup log automatically when full policy setting. Fix: (1) GPO: Computer ConfigurationAdministrative TemplatesWindows ComponentsEvent Log ServiceSetup!Control Event Log behavior when the log file reaches its maximum size (2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsEventLogSetup!Retention

[enable/disable]

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Setup!Control Event Log behavior when the log file reaches its maximum size (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Setup!Retention