Admin Tips
- Windows Server 2008/2003/2000/XP/NT Administrator Knowledge Base
  - Windows Vista
    - Admin Tips
      - Administration
        Backing up event logs

Section(s): Administration
Published on Aug 22, 2006.
Last Modified on Aug 22, 2006.
Last Modified by Mitch Tulloch.
Rating: Not Rated

How to configure Vista to back up event logs.

Windows Vista now lets you use Group Policy to configure event logs so they get backed up when they become full. To configure this using local Group Policy do the following:

1. Type gpedit.msc in the Start Search box and hit Enter.

2. Click Continue when the UAC prompt appears.

3. Navigate to the following policy location:

Computer Configuration\Administrative Templates\Windows Components\Event Log Service

4. Look under Application, Security, Setup or System to configure settings for the log desired.

5. Enable the following policy setting:

Back up log automatically when full

Note that you should also disable the following policy if you are going to configure the above setting:

Retain old events

If you do this, then when the event log becomes full, the event log file is closed by Vista, renamed, and a new event log file is created.

Cheers,
Mitch Tulloch, MVP
http://www.mtit.com

About Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .