Re: why so many Success Audit entries in Security Log?
- From: "Dave Nickason [SBS MVP]" <gwdibble@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 2 Aug 2006 16:38:07 -0400
The default auditing policies in SBS are set to the recommended auditing
level for maximum security. I would certainly never advise anyone to lower
their security settings from the recommended configuration.
That said, I only monitor success for account management and policy change.
If someone were to go against my best security-oriented advice and change
their own settings, they would do it by editing the Small Business Server
Auditing Policy. Specifically, you'd change it under Computer
Configuration -> Windows Settings -> Security Settings -> Local Policies ->
Audit Policy. At any time you change a group policy, especially one
relating to security, I recommend carefully documenting that change in case
you later want to undo it.
"Jerome" <foo@xxxxxxx> wrote in message
news:eYllgCntGHA.4928@xxxxxxxxxxxxxxxxxxxxxxx
It looks like there's an entry in the Security Event Viewer every couple
seconds throughout the day. Why so much "no problem" activity?
.
- Follow-Ups:
- References:
- why so many Success Audit entries in Security Log?
- From: Jerome
- why so many Success Audit entries in Security Log?
- Prev by Date: permissions clash
- Next by Date: Recover SA password
- Previous by thread: why so many Success Audit entries in Security Log?
- Next by thread: Re: why so many Success Audit entries in Security Log?
- Index(es):
Relevant Pages
|
Loading
