Announcement

Collapse
No announcement yet.

Redirect event logs

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Redirect event logs

    Hi,

    I need to redirect the event logs on a w2k pro box to the hdd on a different box.
    Any ideas?

    Thanks,

  • #2
    Re: Redirect event logs

    A solution here:
    http://expertanswercenter.techtarget...141710,00.html

    There is indeed a way to change the default location for the Event Viewer's log files in Windows 2000, 2003 and XP. Note that you need to be logged in with an account that has administrative privileges to do this.
    1. Open REGEDIT (or another Registry editor program) and navigate to the key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\Eventlog

    2. Open the subkey that contains the event log you want to move. On most machines, you'll be able to choose between Application, Security and System.

    3. Each key contains a value named File (type REG_EXPAND_SZ), which contains the pathname and filename to the log file. By default this is %SystemRoot%\system32\config\.Evt. You can provide a new pathname and filename here, but you should use the .EVT file extension.

    4. Close the Registry and restart the computer.


    I havent tried the fix and I would recommend you do it with a test machine first.
    Consider issues like network failure -- what happens if a PC is offline and tries to write an event.

    As a suggestion, consider ways of copying the log files every so often as a scheduled task

    Tom
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    PhD, MSc, FIAP, MIITT
    IT Trainer / Consultant
    Ossian Ltd
    Scotland

    ** Remember to give credit where credit is due and leave reputation points where appropriate **

    Comment

    Working...
    X