Archived from groups: microsoft.public.security,microsoft.public.windowsxp.security_admin (
More info?)
> > "Alex Coleman" <coalie@nomail.com> wrote in message
> > news:96D174842EAB631E75@66.250.146.159...
> >
> > I have never seen an entry in the Security Event Log.
> > Do I need to set something to enable logging?
>
>
> "Jan Spooren" <jspooren@nospam.nospam> wrote in
> message news:%23X5A5rRuFHA.3756@tk2msftngp13.phx.gbl...
>
> Go to Administrative Tools / Local Security Policy.
> In the treeview, open the Local Policies Node and Audit Policy nodes.
> In the right-hand side audit policies pane, you can now set succes and/or
> failure auditing for different categories of auditable events, by
> double-clicking on each of those categories.
Please note, you won't want to set an action for every event. I recommend
installing Microsoft Baseline Security Analyzer (MBSA) and performing a
scan of your machine. It will recommend which events to log as a good
security baseline.
MBSA can be found at
http://www.microsoft.com/mbsa
--
AZC
MVP