Policy

Configure log access

This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. If you enable this policy setting, only those users matching the security descriptor can access the log. If you disable or do not configure this policy setting, all authenticated users and system services can write, read, or clear this log. Note: If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.

Policy
Pack Microsoft Windows
Category Windows Components / Event Log Service / Application
Policy ID 367fb0dd4493
Internal name Channel_Log_FileLogAccess_1

Registry

Copy registry mappings

HKLM\Software\Policies\Microsoft\Windows\EventLog\Application\ChannelAccess

Policy notes

This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. If you enable this policy setting, only those users matching the security descriptor can access the log. If you disable or do not configure this policy setting, all authenticated users and system services can write, read, or clear this log. Note: If you enable this policy setting, some tools and APIs may ignore it. The same change should be made to the "Configure log access (legacy)" policy setting to enforce this change across all tools and APIs.

Related policies

Back up log automatically when fullConfigure log access (legacy)Control Event Log behavior when the log file reaches its maximum sizeControl the location of the log fileSpecify the maximum log file size (KB)