Microsoft Windows Bulletin Board

Domain Controllers Security Logs Archival and Collection



Guest Shahid Roofi
Posted

We want to centralize all security logs from all 8 DCs. These logs grow rapidly, so we need to change the location to the D or E drive and then set the Auto Archive settings (otherwise the C drive will fill up in hours).

 

The next challenge is to collect all of these, compress them, and put them on one machine.

 

Option 1: use scripts that copy all the archive files created on the DCs, paste them on a file share, and delete the originals.

 

Option 2: use the event collection/subscription feature.

 

The failure of either approach will cause the D drive on the DC to fill up easily, and then the DC will be in an abnormal state.

 

What is the common solution for this (apart from 3rd-party products)?

 

Ideally, we need all security events from all DCs.

 

 

Shahid Roofi
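
One way to implement Option 1 from the post above, as an added example that is not part of the original post: each archive is copied, verified by SHA-256 and compressed before the original is deleted, and the log drive's free space is checked on every run so a stalled collection is noticed before the drive fills. The DC names, the `D:\SecurityLogs` folder, the `\\LOGSRV01\DCLogs` share, the 20% threshold and the function name are assumptions.

```powershell
# Added example: pull auto-archived Security logs from each DC to a central share.
# Assumed values (not from the post): DC names, D:\SecurityLogs, \\LOGSRV01\DCLogs.
$DomainControllers = 'DC01','DC02'          # placeholder names; list all 8 DCs here
$ArchiveDirOnDC    = 'D$\SecurityLogs'      # assumed relocated log folder, via admin share
$CentralShare      = '\\LOGSRV01\DCLogs'    # assumed collection share
$MinFreePercent    = 20                     # assumed warning threshold for the log drive

function Move-VerifiedArchive {             # hypothetical helper name
    param([string]$SourceFile, [string]$DestinationDir)
    # Copy, verify by SHA-256, compress, and only then delete the original.
    $null   = New-Item -ItemType Directory -Path $DestinationDir -Force
    $staged = Join-Path $DestinationDir (Split-Path $SourceFile -Leaf)
    Copy-Item -LiteralPath $SourceFile -Destination $staged -ErrorAction Stop
    $srcHash = (Get-FileHash -LiteralPath $SourceFile -Algorithm SHA256).Hash
    $dstHash = (Get-FileHash -LiteralPath $staged -Algorithm SHA256).Hash
    if ($srcHash -ne $dstHash) {
        Remove-Item -LiteralPath $staged -Force
        throw "Hash mismatch for $SourceFile; original kept."
    }
    Compress-Archive -LiteralPath $staged -DestinationPath "$staged.zip" -Force -ErrorAction Stop
    Remove-Item -LiteralPath $staged -Force
    Remove-Item -LiteralPath $SourceFile -Force   # verified copy now exists centrally
    return $srcHash
}

foreach ($dc in $DomainControllers) {
    $src = "\\$dc\$ArchiveDirOnDC"
    # Auto-archive writes Archive-Security-<timestamp>.evtx; the live Security.evtx is skipped.
    $files = Get-ChildItem -Path $src -Filter 'Archive-Security-*.evtx' -File -ErrorAction SilentlyContinue
    foreach ($f in $files) {
        try {
            $hash = Move-VerifiedArchive -SourceFile $f.FullName -DestinationDir (Join-Path $CentralShare $dc)
            # Keep a per-DC manifest of original hashes for later integrity checks.
            "{0} {1} {2}" -f (Get-Date -Format s), $f.Name, $hash |
                Add-Content -Path (Join-Path $CentralShare "$dc\manifest.txt")
        } catch {
            Write-Warning "[$dc] $($f.Name): $($_.Exception.Message)"
        }
    }
    # Failure mode from the post: if collection stalls, the log drive fills. Check every run.
    $disk = Get-CimInstance -ComputerName $dc -ClassName Win32_LogicalDisk -Filter "DeviceID='D:'" -ErrorAction SilentlyContinue
    if (-not $disk) { Write-Warning "[$dc] could not query D: free space."; continue }
    $freePct = [math]::Round(100 * $disk.FreeSpace / $disk.Size, 1)
    if ($freePct -lt $MinFreePercent) {
        Write-Warning "[$dc] D: only $freePct% free; archives are not being drained."
    }
}
```

`Compress-Archive` in Windows PowerShell is limited to files of 2 GB or less, so the maximum Security log size on the DCs has to stay below that for this approach to work.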

 
