No announcement yet.

Security log getting full.

  • Filter
  • Time
  • Show
Clear All
new posts

  • Security log getting full.

    Hi everyone,

    In our organization we have a DC in which we made changes on default domain security settings -> Local Policies -> Audit Policy -> Audit account logon events & Audit logon event for successful & Failure logins.

    Earlier the setting was only audit for successful logins. But as & when we made setting to audit even for failure logins the security log is getting full on user end desktop. Due to which user are unable to login on their desktop, as it shows security log is full only administrator can log on.

    After login through Administrator i found that security log is full due to failure logins. The event id - 529, source - security, category - logon/logoff, type - audit failure.

    I think all you people understood my query.

    Thanks in advance.

  • #2
    Re: Security log getting full.

    Here are a few things you should do:

    1. Set the retention method for the security log to overwrite as needed in your GPO.

    2. Find out what's happening that's causing so many logon failures.