Configure log access

This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.

If you enable this policy setting, only those users matching the security descriptor can access the log.

If you disable or do not configure this policy setting, all authenticated users and system services can write, read, or clear this log.

Supported on: At least Windows Vista

Log Access

Registry PathSoftware\Policies\Microsoft\Windows\EventLog\Application
Value NameChannelAccess
Value TypeREG_SZ
Default Value


Administrative Templates (Computers)

Administrative Templates (Users)