The security log on this system is full

The security log on this system is full
Secure Home | Search | About
Login Password
Register Now! Lost Password?
 Microsoft Applications Security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content add this group's latest topics to your Google content
Subject Author Date
The security log on this system is full Job 10-24-2006
Posted by =?Utf-8?B?Sm9i?= on October 24, 2006, 10:14 am
If you were  Registered and logged in, you could reply and use other advanced thread options
Dear All,

I activated most of security audit (within the default domain controller
policy) for the domain controllers installed with Windows 2000 sp4 (Active
Directory) and it ran well.
Then I have recently upgrated to Windows 2003 sp1 all domain controllers and
now I get the following error when I open a session on domain controllers :

"the security log on this system is full"

When I look at the properties of security event logs file, it shows that
the log size isn't full and there is enough space to further events security
logs. Could you tell me why I get this error ?
I precised that I have defined the log to overwrite events security logs
older than 60 days.
Thanks for your help,
Job

Posted by Special Access on October 24, 2006, 6:40 pm
If you were  Registered and logged in, you could reply and use other advanced thread options
On Tue, 24 Oct 2006 07:14:02 -0700, Job

>Dear All,
>
>I activated most of security audit (within the default domain controller
>policy) for the domain controllers installed with Windows 2000 sp4 (Active
>Directory) and it ran well.
>Then I have recently upgrated to Windows 2003 sp1 all domain controllers and
>now I get the following error when I open a session on domain controllers :
>
>"the security log on this system is full"
>
>When I look at the properties of security event logs file, it shows that
>the log size isn't full and there is enough space to further events security
>logs. Could you tell me why I get this error ?
>I precised that I have defined the log to overwrite events security logs
>older than 60 days.
>Thanks for your help,
>Job

Open REGEDIT and look at
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA and look for a
key of "CrashOnAuditFail". It's value should be either 0 (ignore) or
1 (active). If it's value is 2 (tripped) or NONE (also tripped) then
you need to reset it to either 1 or 0 and reboot.

The fact the log isn't full won't stop this error. This is because
the system can't write to the security log "for whatever reason". This
reason could be:
Disk is full
Log is full
Your stomach is full
The candy dish on the table is full
<smile>

If "crash on audit fail" is active, and the system can't write to the
log, it will crash and give you this error.

Mike

Similar ThreadsPosted
How can a graphic file get full system control? November 11, 2005, 6:34 pm
security system April 11, 2008, 6:03 pm
system security alert November 22, 2006, 5:32 am
Windows system restore directory name security October 25, 2005, 11:17 pm
Your digital ID name cannot be found by the underlying security system January 24, 2008, 10:43 am
How to perform FULL CA backup November 3, 2005, 7:58 pm
Disk full - or is it a virus? January 2, 2007, 3:33 pm
How to perform FULL CA backup February 23, 2007, 9:55 pm
Full read-only access to everything September 28, 2007, 12:10 pm
File System Security Setting Causes Slow Logon November 15, 2005, 7:21 pm

The site map in XML format XML site map

Contact Us | Privacy Policy