Can you write to the security event log

[Guest]

We have a requirement to write an event to the security event log. I can
write an event to the application event log but have been unable to write an
event to the security event log?

Is this possible?

Rich

 

[Sijin Joseph]

It is certainly possible, make sure that your user has the rights to write
to the Security Event Log. By default only LocalSystem and Administrator
accounts have Read-Write permissions on the Security Log. I believe user
rights can be modified by using the Policy Editor.

 

[Steve Willcock]

I've never actually managed to do this and the following MSDN article seems
to suggest this is not possible:

http://msdn.microsoft.com/library/d...y/en-us/debug/base/event_logging_security.asp

In particular this line "The Security log is designed for use by the system.
However, users can read and clear the Security log..."

The "Manage auditing and security log" setting in the Policy Editor only
allows the reading and clearing of the security log - I'm not sure if there
is another setting in there that applies to this? I've only tried this on a
Windows XP dev box - not sure if there are different settings on a server
OS?