Software >> OS >> Windows >> Event Log >> How to customize the windows event log to allow selected users access

Required when we need to allow users who are non-administrators to access 1. backup c:\windows\inf\sceregvl.inf 2. edit c:\windows\inf\sceregvl.inf and add following to allow security for eventlogs to be customized via the Local group policy mgmt console (gpedit.msc) MACHINE\System\CurrentControlSet\Services\EventLog\Application\CustomSD,1,%AppLogSD%,2 MACHINE\System\CurrentControlSet\Services\EventLog\System\CustomSD,1,%SysLogSD%,2 MACHINE\System\CurrentControlSet\Services\EventLog\Security\CustomSD,1,%SecLogSD%,2 3. re-register scecli.dll c:\windows\inf> regsvr32 scecli.dll 4. start gpedit.msc, notice that those entries for customising security are added. 5. Follow the SDDL syntax to allow modify the security for each eventlog item to allow the specified users/groups access.