Log Retention Policy
Last updated
Last updated
Ensure that event logs are preserved and configured properly to avoid tampering and to retain necessary data.
Maximum log size: Set the maximum size for event logs to avoid log overflow or missing crucial events.
Path: Computer Configuration -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Event Log.
Audit log retention: Enforce a log retention policy so that logs are regularly archived or exported before they are overwritten.
Path: Computer Configuration -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration -> Event Log -> Retention Method for Security Log.