Registry Guide for Windows Registry Guide for Windows
Part of the WinGuides Network
WinGuides Network and Software
Registry tweaks, tricks & hacks to optimize, enhance and secure Microsoft Windows.

Restrict Access to the Event Logs (Windows NT/2000/XP)
Category: Home > Security > System

Download this tweak with Tweak Manager!This tweak can be easily applied using WinGuides Tweak Manager.
Download a free trial now!

The Windows event log contains records documenting application, security and system events taking place on the machine. As these logs can contain sensitive data this tweak allows you to restrict access to administrators and system accounts only.

Open your registry and find the key below.

Under this key are three sub-keys: Application, Security and System. These subkeys represent each section of the event log. To restrict access to each section create a new DWORD value of 'RestrictGuestAccess' under each sub-key and set it to equal '1'. To restrict access to only certain sections, then only add the value to that specific key.

Restart Windows for change to take effect.

Registry Editor Example
|NameTypeData|
|(Default)REG_SZ(value not set)|
|RestrictGuestAccessREG_DWORD0x00000001 (1)|
-
|HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog|
-

Settings:
System Key: [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog]
Name: RestrictGuestAccess
Type: REG_DWORD (DWORD Value)
Value: (0 = guest access, 1 = restricted access)

Disclaimer: Modifying the registry can cause serious problems that may require you to reinstall your operating system. We cannot guarantee that problems resulting from modifications to the registry can be solved. Use the information provided at your own risk.

Last Modified: March 30, 2002

 Return to Index Copyright © 1998-2003. All Rights Reserved.  License