Backup log automatically when full (Setup)ID: oval:org.secpod.oval:def:19089 | Date: (C)2014-05-29 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
The Backup log automatically when full machine setting should be configured correctly for the setup log.
This policy setting controls Event Log behavior when the log file reaches its maximum size and takes effect only if the Retain old events policy setting is enabled. If you enable this policy setting and the Retain old events policy setting is enabled, the Event Log file is automatically closed and renamed when it is full. A new file is then started. If you disable this policy setting and the Retain old events policy setting is enabled, then new events are discarded and the old events are retained. When this policy setting is not configured and the Retain old events policy setting is enabled, new events are discarded and the old events are retained.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Setup\Backup log automatically when full
(2) KEY: HKLM\Software\Policies\Microsoft\Windows\EventLog\Setup\AutoBackupLogFiles
Platform: |
Microsoft Windows Server 2008 R2 |