Policy
Configure log access (legacy)
Windows 11 25H2
Policy overview
Key metadata and intent for this policy.
Supported OS tags: Windows10, Windows10RT, Windows11, Windows7, Windows8, Windows81, WindowsRT, WindowsRT81, WindowsServer2008, WindowsServer2012, WindowsServer2012R2, WindowsServer2016, WindowsVista
This policy setting specifies the security descriptor to use for the log using the Security Descriptor Definition Language (SDDL) string. You must set both "configure log access" policy settings for this log in order to affect the both modern and legacy tools. If you enable this policy setting, only those users matching the security descriptor can access the log. If you disable this policy setting, all authenticated users and system services can write, read, or clear this log. If you do not configure this policy setting, the previous policy setting configuration remains in effect.
Registry values
How enabled and disabled states update the registry.
No explicit registry values are set for enabled or disabled states.
Policy elements
Inputs and configuration options exposed by this policy.
| Element | Type | Registry mapping | Constraints & behavior |
|---|---|---|---|
Log Access ID Channel_Log_FileLogAccess | text | HKLM\System\CurrentControlSet\Services\EventLog\Application\CustomSD Type REG_SZ | None |
Other policies in this category
Explore related policies at the same level.
- ComputerBack up log automatically when fullAt least Windows Vista
- ComputerConfigure log accessAt least Windows Vista
- ComputerControl Event Log behavior when the log file reaches its maximum sizeAt least Windows Vista
- ComputerControl the location of the log fileAt least Windows Vista
- ComputerSpecify the maximum log file size (KB)At least Windows Vista