Re: Question on Granting service account read access to Domain Controller Eventlogs

Thu, 28 Oct 2010 06:32:23 -0700 

Could you not just setup a job to copy the security.evtx file to somewhere
else and let them access that?



On Thu, Oct 28, 2010 at 2:48 AM, James Rankin <kz2...@googlemail.com> wrote:

> Can you control this by NTFS access to the .evt file itself?
>
>
>
> On 27 October 2010 16:31, Ziots, Edward <ezi...@lifespan.org> wrote:
>
>>  Running a Windows 2008 R2 DFL/FFL domain, security team needs a service
>> account to have read only access to the Security Eventlog accordingly. Is
>> there a way via the Default Domain Controllers Policy to Grant this, or
>> maybe a users right in Windows 2008 R2 accordingly?
>>
>>
>>
>> Z
>>
>>
>>
>> Edward E. Ziots
>>
>> CISSP, Network +, Security +
>>
>> Network Engineer
>>
>> Lifespan Organization
>>
>> Email:ezi...@lifespan.org <email%3aezi...@lifespan.org>
>>
>> Cell:401-639-3505
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here:
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>
>
>
> --
> "On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into
> the machine wrong figures, will the right answers come out?' I am not able
> rightly to apprehend the kind of confusion of ideas that could provoke such
> a question."
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Reply via email to