Logging starts automatically when you start the computer. Logging stops when an event log becomes full and cannot overwrite itself either because you've set it for manual clearing or because the first event in the log is not old enough.
Use the Log Settings command on the Log menu to define logging parameters for each kind of log. You can set the maximum size of the log and specify whether the events are overwritten or stored for a certain period of time.
The Event Log Wrapping option lets you define how events are retained in the log selected in the Change Settings For dialog box. (The default logging policy is to overwrite logs as needed, provided events are at least seven days old.) You can customize this policy for different logs.
The options include the following.
Use | To
Overwrite Events As Needed | Have new events continue to be written when the log is full. Each new event replaces the oldest event in the log. This option is a good choice for low-maintenance systems.
Overwrite Events Older Than [ ] days | Retain the log for the number of days you specify before overwriting events. The default is 7 days. This option is the best choice if you want to archive log files weekly. This strategy minimizes the chance of losing important log entries and at the same time keeps log sizes reasonable.
Do Not Overwrite Events | Clear the log manually rather than automatically. Select this option only if you cannot afford to miss an event, for example, for the security log at a site where security is extremely important.
Note
When a log is full (when no more events can be logged), you can free the log by clearing it. Reducing the amount of time you keep an event also frees the log if it allows the next record to be overwritten.
For information on how to clear a log, see "Clearing All Events" in Event Viewer Help.
Although you can increase (to the capacity of the disk and memory) or decrease the maximum log size, each log file has an initial maximum size of 512K. Before decreasing a log's size, you must clear the log.
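The following added example (not part of the original documentation) models the three Event Log Wrapping options described above. It shows which events each option keeps, overwrites, or never records once the log is full. As a simplifying assumption the log holds a fixed number of records rather than a byte size, and the names `simulate`, `constructed_events` and `compare` and the event stream are constructed for illustration.

```python
from collections import deque

DAY = 86400  # seconds per day

def simulate(policy, capacity, events, retention_days=7):
    """Replay (timestamp, event_id) pairs into a log of `capacity` records.

    policy is "as_needed", "older_than" or "never", mirroring the three
    wrapping options. Returns (log, overwritten, dropped): the final records,
    the records replaced by newer ones, and the events never written
    because the log was full and could not wrap.
    """
    log, overwritten, dropped = deque(), [], []
    for ts, event_id in events:
        if len(log) >= capacity:
            oldest_ts = log[0][0]
            old_enough = ts - oldest_ts >= retention_days * DAY
            if policy == "as_needed" or (policy == "older_than" and old_enough):
                overwritten.append(log.popleft())
            else:
                dropped.append((ts, event_id))  # logging has stopped
                continue
        log.append((ts, event_id))
    return list(log), overwritten, dropped

def constructed_events():
    """Constructed sample: 1 event/day for 5 days, a 20-event burst on
    day 5, then a single event on day 12."""
    quiet = [(d * DAY, d) for d in range(5)]
    burst = [(5 * DAY + s, 5 + s) for s in range(20)]
    return quiet + burst + [(12 * DAY, 25)]

def compare(capacity=10):
    """Return {policy: (kept_ids, overwritten_count, dropped_count)}."""
    out = {}
    for policy in ("as_needed", "older_than", "never"):
        log, overwritten, dropped = simulate(policy, capacity, constructed_events())
        out[policy] = ([e for _, e in log], len(overwritten), len(dropped))
    return out

if __name__ == "__main__":
    for policy, (kept, n_over, n_drop) in compare().items():
        print(f"{policy:10} kept={kept} overwritten={n_over} dropped={n_drop}")
```

With the 7-day option, most of the burst is never recorded because the oldest record is still too young to overwrite. With Overwrite Events As Needed, the same burst instead pushes the earliest records out of the log.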