Choosing what I want to audit in Security Logs
I need to minimize what is being audited for my Security Logs. I am required to keep the Audit Logs for a very long time, and they are just too big.
I have 4 servers running Server 2008R2 and I am getting about 4GB of Audit Logs PER SERVER every two weeks.
I know I can change a few things via the GPMC Computer Config -> Windows Settings -> Security Settings -> Local Policies -> Audit Policy
I was hoping there was a more specific means of picking what I want to audit as 4GB every two weeks is unacceptable.
Thanks,
-Moss
August 22nd, 2012 1:08pm