Article ID: 157662 - View products that this article applies to.
This article was previously published under Q157662
This article has been archived. It is offered "as is" and will no longer be updated.
In a default installation of Windows NT, security event logging in the Windows NT Event Viewer is disabled.
To enable security event logging, use User Manager, or User Manager for Domains, and select Audit from the Policies menu.
Events sent to the security log are also referred to as audit messages. Auditing is controlled from the source of the audit messages. For example, if auditing is required for user access, this can be controlled through User Manager; if auditing is required for file access, this can be controlled through Windows Explorer or File Manager.
If security auditing is left on, the security event log may fill up. To prevent the log from filling up, it may be advisable to change the log properties to overwrite events as needed. This change is done in the Windows NT Event Viewer, Security Event log under the Log, Event Log Settings menu.
For more information on security auditing, please refer to your Windows NT documentation.
Article ID: 157662 - Last Review: February 24, 2014 - Revision: 4.0