Event Log Security.

[Guest]

Our company would like to keep system admin from touching all event logs. We
would like to give them "view" but not "clear" permission. An central
security supervisor will do the review and clear the logs. How could we do
this?
Thanks in advance!

 

[Joe Richards [MVP]]

Admins are god. You can't block them out in any meaningful way. Your solution is
to buy a product that forwards the event log entries to a machine that the
security group controls.

joe