Log Access

This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.

If this policy setting is enabled, only those users matching the security descriptor can access the log.

If this policy setting is disabled or not configured, then only system software and administrators can write/clear this log, and any authenticated user can read events from it.

Supported on: At least Windows Vista

Log Access

Registry HiveHKEY_LOCAL_MACHINE
Registry PathSoftware\Policies\Microsoft\Windows\EventLog\System
Value NameChannelAccess
Value TypeREG_SZ
Default Value

eventlog.admx

Administrative Templates (Computers)

Administrative Templates (Users)