Manage auditing and security logID: oval:org.secpod.oval:def:22410 | Date: (C)2015-01-07 (M)2023-07-14 |
Class: COMPLIANCE | Family: windows |
This policy setting determines which users can change the auditing options for files and directories and clear the Security log.
When configuring a user right in the SCM enter a comma delimited list of accounts. Accounts can be either local or located in Active Directory, they can be groups, users, or computers.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment!Manage auditing and security log
(2) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeSecurityPrivilege' and precedence=1
Platform: |
Microsoft Windows 8.1 |