2.2.30 Configure 'Manage auditing and security log'

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version

Information

This policy setting determines which users can change the auditing options for files and directories and clear the Security log.

Solution

To establish the recommended configuration via GP, set 'Administrators and (when Exchange is running in the environment) Exchange Servers' for the following UI path: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Manage auditing and security log

See Also

https://workbench.cisecurity.org/files/1941