Empty Security Log in Event Viewer

Article translations Article translations
Article ID: 157662 - View products that this article applies to.
This article was previously published under Q157662
This article has been archived. It is offered "as is" and will no longer be updated.
Expand all | Collapse all

SUMMARY

In a default installation of Windows NT, security event logging in the Windows NT Event Viewer is disabled.

To enable security event logging, use User Manager, or User Manager for Domains, and select Audit from the Policies menu.

MORE INFORMATION

Events sent to the security log are also referred to as audit messages. Auditing is controlled from the source of the audit messages. For example, if auditing is required for user access, this can be controlled through User Manager; if auditing is required for file access, this can be controlled through Windows Explorer or File Manager.

If security auditing is left on, the security event log may fill up. To prevent the log from filling up, it may be advisable to change the log properties to overwrite events as needed. This change is done in the Windows NT Event Viewer, Security Event log under the Log, Event Log Settings menu.

For more information on security auditing, please refer to your Windows NT documentation.

Properties

Article ID: 157662 - Last Review: February 24, 2014 - Revision: 4.0
APPLIES TO
  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft Windows NT Workstation 3.1
  • Microsoft Windows NT Workstation 3.5
  • Microsoft Windows NT Workstation 3.51
  • Microsoft Windows NT Workstation 4.0 Developer Edition
  • Microsoft Windows NT Advanced Server 3.1
  • Microsoft Windows NT Server 3.5
  • Microsoft Windows NT Server 3.51
  • Microsoft Windows NT Server 4.0 Standard Edition
Keywords: 
kbnosurvey kbarchive kbhowto kbnetwork KB157662

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com