I would like to find out if there is a way to retain Event Viewer logs for a period of 90 days? Is there a way to do this via a GPO setting? Or even a registry tweak?This is for troubleshoot and analysis purposes. I'm running on Vista Enterprise (SP1).Please ask if more information is needed

Hi Giggster,see if these articles of my colleague Daniel Petri help:http://www.petri.co.il/event_logs_archiving_with_gpo.htmhttp://www.petri.co.il/vista-event-viewer.htm[If this post helps to resolve your issue, click the "Mark as Answer" or "Helpful" button at the top of this message. By marking a post as Answered, or Helpful you help others find the answer faster.] Vincenzo Di Russo - Microsoft MVP Windows Internet Explorer, Windows Desktop Experience & Security - Since 2003. ~ My Blog: http://blogs.dotnethell.it/vincent/

Thanks for the solution but I have decided to extend the log size limit instead. I want to do this via ADM file which will be upload to the GPO.Something is wrong with my code, because the value is not changing in the registry. Could someone please change or advise me on what to change in the code to make this work for all the event viewer log sizes?ADM code: CLASS MACHINE CATEGORY !!CategoryName POLICY !!L_ApplicationLog KEYNAME "SYSTEM\CurrentControlSet\Services\Eventlog\Application"PART !!L_App VALUENAME MaxSize VALUEON NUMERIC 6000000VALUEOFF NUMERIC 2097152END PARTEXPLAIN !!L_ApplicationExplain END POLICY POLICY !!L_SecurityLog KEYNAME "SYSTEM\CurrentControlSet\Services\Eventlog\Security"PART !!L_Sec VALUENAME MaxSize VALUEON NUMERIC 12000000VALUEOFF NUMERIC 5242880END PART EXPLAIN !!L_SecurityExplain END POLICY POLICY !!L_SystemLog KEYNAME "SYSTEM\CurrentControlSet\Services\Eventlog\System"PART !!L_sys VALUENAME MaxSize VALUEON NUMERIC 6000000VALUEOFF NUMERIC 2097152END PARTEXPLAIN !!L_SystemExplain END POLICY END CATEGORY ;+++++++++++++++++++++++++++++++End User Class+++++++++++++++++++++++++++++++++++++++++++++;++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ [Strings]CategoryName="Event Viewer Log Size"L_ApplicationLog = "Event Viewer Application log size"L_ApplicationExplain ="Sets the default application log size for GIDv1 machine to 6 megabytes"L_SecurityLog = "Event Viewer Security log size"L_SecurityExplain ="Sets the default security log size for GIDv1 machine to 12 megabytes"L_SystemLog = "Event Viewer System log size"L_SystemExplain ="Sets the default system log size for GIDv1 machine to 6 megabytes"L_App = "Maximum Size of Log: "L_Sec = "Maximum Size of Log: "L_Sys = "Maximum Size of Log: "